Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Remove and scan C drive remotely on an alternate desktop?


  • This topic is locked This topic is locked
25 replies to this topic

#1 Ragnarviking

Ragnarviking

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 19 April 2017 - 09:19 AM

I have a virus that got past a highly rated antivirus app. This virus defeats all of my attempts to remove it. It has closed my internet connection and access to all installed virus scan apps. When I remove the offending exe. from start-up in msconfig it promptly rechecks the box to apply it. Please comment on my plan to remedy the problem: I have a back-up desktop. I would like to remove the all of the hard-drives from my primary desktop and connect them to my back-up desktop via a remote USB connection device. Will this approach allow me to successfully remove the offending files and restore my primary to good health?

 

I rate my tech skills as moderate to low. Any assistance will be gratefully appreciated.



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,713 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:04 AM

Posted 21 April 2017 - 07:45 PM

Greetings Ragnarviking and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

We will try to resolve your issues without removing the drives. Please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your Desktop. <<< Important
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Ragnarviking

Ragnarviking
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 22 April 2017 - 06:02 PM

Gary,
 
I have no internet connection with the infected desktop. It appears that the offending malware is blocking my internet  access. Additionally, it will not allow me to run any apps to combat the infection; prompting, that the anti-virus program is already running. If I try to open msconfig it promts permission to run an .exe from unknown author. The name of the virus files appears to be 'svcvmx.exe' and 'cpx.exe'.
 

I am using my tablet to make this communication. I will Download Farbar Recover Scan Tool and save it on a flash drive. I will not make any changes until you respond. I hope I am replying in the proper fashion. I am following this topic but I don't see the immediate email notification button.

 

Thanks,

Ragnarviking



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,713 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:04 AM

Posted 22 April 2017 - 07:10 PM

Greetings Ragnarviking.

Thank you for the information. If the first instructions don't work please try the second set of instructions. The second set is only a backup plan.

Let me know if you received the email notification.

===================================================

Rkill and FRST

-------------------
  • From a clean computer download all 3 of the Rkill links below (if one of them does not work try another...) and save it to your USB device

rkill.scr
rkill.com
rkill.exe

  • Download FRST and save it to your USB Device
  • Remove the USB device and connect it to your infected computer
  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Locate Rkill on your USB drive, right click on the file and select Run as administrator
  • Note: You may have to run Rkill a few times before it is successful. You may also have to use one of the other downloaded RKill files
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • Run the FRST scan and copy/paste both reports in your reply
===================================================

Farbar's Recovery Scan Tool in Recovery Environment

--------------------

For this step you will need a USB flash drive and start on a clean computer.
  • Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
===================================================

Entering into the System Recovery Options

Option #1

To enter System Recovery Options in Windows 8:Option #2

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
Option #3

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next
===================================================

Running Farbar's Recovery Scan Tool in System Recovery
  • Once you are in the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in Notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select Computer and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter Note: Replace letter e with the drive letter of your flash drive
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • When completed a (FRST.txt) file will be created on the flash drive. Please copy and paste it to your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • RKill log
  • FRST.txt
  • Addition.txt (only with the first set of instructions)

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Ragnarviking

Ragnarviking
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 24 April 2017 - 08:36 AM

Thanks again Gary,

 

I was unable to run any version of Rkill...prompted: 'already in use'. Pasted below is the requested FRST.txt file that I was able to accomplish. I will post the Addition.txt in the next posting.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-04-2017
Ran by Kenny (administrator) on KENNY-PC (23-04-2017 12:39:31)
Running from H:\Antivirus
Loaded Profiles: Kenny (Available Profiles: Kenny)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Windows\System32\tprdpw32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Wisair Ltd.) C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WirelessUSBManager.exe
(JME) C:\Program Files (x86)\jmesoft\hotkey.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [cpx] => "C:\Users\Kenny\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup <===== ATTENTION
HKLM-x32\...\Run: [svcvmx] => C:\Users\Kenny\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe [896512 2017-01-13] ()
HKLM-x32\...\Run: [WirelessUSBManager] => C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WirelessUSBManager.exe [3666256 2010-08-18] (Wisair Ltd.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [86960 2006-05-17] (Macrovision Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-17] (Macrovision Corporation)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [GoogleChromeAutoLaunch_B2C6E0CC5A2A25373676C3A06457B47B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941912 2017-03-28] (Google Inc.)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [691656 2009-04-23] (DT Soft Ltd)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare 10 PRO\ASCTray.exe [3078432 2016-10-18] (IObit)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-17] (Macrovision Corporation)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 0
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-13] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-13] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-13] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-13] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-13] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-13] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
Startup: C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe [2009-09-20] (Hewlett-Packard Co.)
BootExecute: autocheck autochk * Partizan
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:59463;https=127.0.0.1:59463
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 69.1.30.42 69.1.30.43
Tcpip\..\Interfaces\{61EFE29E-D40B-4C22-B3F9-5D9FDC44B62D}: [DhcpNameServer] 69.1.30.42 69.1.30.43

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-03-05] (LastPass)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare 10 PRO\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2016-08-03] (IObit)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare 10 PRO\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Toolbar: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {106E49CF-797A-11D2-81A2-00E02C015623} hxxp://www.alternatiff.com/distribution/alternatiff-ax-w32-2.0.4.cab
Handler: skype4com - No CLSID Value

FireFox:
========
FF ProfilePath: C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\evn6x5fb.default [2017-04-16]
FF user.js: detected! => C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\evn6x5fb.default\user.js [2017-01-02]
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\evn6x5fb.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\evn6x5fb.default -> hxxp://www.google.com/
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\evn6x5fb.default\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2016-10-18]
FF Extension: (LastPass) - C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\evn6x5fb.default\Extensions\support@lastpass.com [2017-03-24]
FF Extension: (Disable Prefetch) - C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\evn6x5fb.default\features\{068e10b6-21a1-4c8c-9f1c-4e4a9fd10571}\disable-prefetch@mozilla.org.xpi [2017-04-04]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-28] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Kenny\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Kenny\AppData\Roaming\IDM\idmmzcc5 [2015-11-15] [not signed]
FF HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Kenny\AppData\Roaming\IDM\idmmzcc5
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-03-05] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-01-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-03-05] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\windows\Photodex Presenter\npPxPlay.dll [2017-03-12] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-16] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1182291490-1180826050-772089516-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kenny\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1182291490-1180826050-772089516-1001: @talk.google.com/O1DPlugin -> C:\Users\Kenny\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1182291490-1180826050-772089516-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Kenny\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1182291490-1180826050-772089516-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Kenny\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Kenny\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kenny\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default [2017-04-23]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - <no Path/update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.)
S4 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare 10 PRO\ASCService.exe [462624 2016-10-14] (IObit)
S4 CableAssociation; C:\Program Files (x86)\Wireless USB\Components\Association\CableAssociation.exe [1461064 2010-07-07] (Wisair Ltd.)
S3 Dataup; C:\Users\Kenny\AppData\Local\ntuserlitelist\dataup\dataup.exe [77824 2017-01-05] () <==== ATTENTION
S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2836296 2016-12-14] (ESET)
S4 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [133552 2011-06-09] (Seiko Epson Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-07-20] (IObit)
S4 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-14] ()
S4 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-08-26] (NETGEAR)
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S4 realtek_amd64; C:\Users\Kenny\AppData\Local\Temp\WS\realtek_amd64.exe [8704 2017-04-16] () <==== ATTENTION
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-04-02] (Microsoft Corporation)
S2 windowsmanagementservice; C:\Users\Kenny\AppData\Local\imukl\ct.exe [947200 2017-03-29] (Google Inc.) <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 DLCopyFilter; C:\windows\System32\Drivers\wsr_tbf.sys [52736 2010-07-21] ()
R0 drmkpro64; C:\windows\System32\drivers\ndistpr64.sys [78112 2013-09-28] () <==== ATTENTION
S3 DWA; C:\windows\System32\DRIVERS\WSR_DWA.SYS [570880 2010-08-05] ()
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [132272 2017-01-17] (ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [180544 2017-01-17] (ESET)
R1 epfwwfpr; C:\windows\System32\DRIVERS\epfwwfpr.sys [70960 2017-01-17] (ESET)
S3 ESETOlmarikOlmascoCleaner; C:\windows\system32\Drivers\ESETOlmarikOlmascoCleaner.sys [157384 2014-07-15] ()
R3 GeneStor; C:\windows\System32\DRIVERS\GeneStor.sys [57856 2010-12-16] (GenesysLogic)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-05-30] (SafeNet Inc.)
S3 hwa; C:\windows\System32\DRIVERS\WSR_HWA.SYS [947200 2010-08-05] ()
S3 HWARadio; C:\windows\System32\DRIVERS\WSR_RCI.SYS [165376 2010-08-05] ()
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-02] (REALiX™)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 NPF; C:\windows\System32\drivers\NPF.sys [35344 2016-01-31] (CACE Technologies, Inc.)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2017-04-17] (Greatis Software)
R0 PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RimUsb; C:\windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [871408 2012-06-27] ()
R3 vmulti; C:\windows\System32\DRIVERS\vmulti.sys [19504 2016-01-13] (Windows ® Win 7 DDK provider)
S3 X86BDA; C:\windows\System32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
U3 acul3lgs; C:\Windows\System32\Drivers\acul3lgs.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 catchme; \??\C:\ComboFix_10-02-16\catchme.sys [X]
S3 cpuz138; \??\C:\Users\Kenny\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_5.5.27797.0.sys [X]
S3 WSR_USF; System32\Drivers\WSR_USF.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-23 12:31 - 2017-04-23 12:39 - 00000000 ____D C:\FRST
2017-04-17 21:27 - 2017-04-17 21:28 - 00262144 _____ C:\windows\Minidump\041717-30420-01.dmp
2017-04-17 21:26 - 2017-04-17 21:26 - 00262144 _____ C:\windows\Minidump\041717-29546-01.dmp
2017-04-17 16:43 - 2017-04-17 16:43 - 00040304 _____ (Greatis Software) C:\windows\SysWOW64\Drivers\Partizan.sys
2017-04-17 16:18 - 2017-04-17 16:18 - 00000000 ____D C:\ProgramData\WRData
2017-04-16 23:21 - 2017-04-17 21:56 - 00000378 _____ C:\windows\Tasks\UnHackMe Task Scheduler.job
2017-04-16 23:21 - 2017-04-17 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2017-04-16 23:21 - 2017-04-17 16:45 - 00000586 _____ C:\Users\Kenny\Desktop\UnHackMe.lnk
2017-04-16 22:49 - 2017-04-16 22:49 - 00464022 _____ C:\Users\Kenny\Desktop\regrunlog.txt
2017-04-16 22:27 - 2017-04-16 22:27 - 00000045 _____ C:\Users\Kenny\Downloads\Unhackme_Key.txt
2017-04-16 21:25 - 2017-04-16 21:25 - 00000274 ____H C:\windows\Tasks\User_Feed_Synchronization-{1546F1F9-2877-4248-B890-1CDAB19F9F7B}.job
2017-04-16 20:59 - 2017-04-17 21:58 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2017-04-16 20:59 - 2017-04-16 20:59 - 00003324 _____ C:\windows\System32\Tasks\UnHackMe Task Scheduler
2017-04-16 20:59 - 2017-04-14 12:48 - 00014984 _____ (Greatis Software, LLC.) C:\windows\SysWOW64\Drivers\UnHackMeDrv.sys
2017-04-16 20:59 - 2015-12-28 11:32 - 00049968 _____ (Greatis Software) C:\windows\system32\partizan.exe
2017-04-16 20:58 - 2017-04-14 12:48 - 18681008 _____ (Greatis Software, LLC. ) C:\Users\Kenny\Downloads\unhackme_setup.exe
2017-04-16 20:56 - 2017-04-16 20:58 - 18656117 _____ C:\Users\Kenny\Downloads\unhackme.zip
2017-04-16 20:44 - 2017-04-16 20:45 - 00000000 ___SD C:\32788R22FWJFW
2017-04-16 20:00 - 2017-04-16 20:00 - 00000000 ____D C:\Users\Kenny\AppData\Local\llssoft
2017-04-16 20:00 - 2017-04-16 20:00 - 00000000 ____D C:\Users\Kenny\AppData\Local\CEF
2017-04-16 19:59 - 2017-04-17 22:43 - 00000000 ____D C:\Users\Kenny\AppData\Local\ntuserlitelist
2017-04-16 19:54 - 2017-04-16 19:54 - 00002886 _____ C:\windows\System32\Tasks\Driver Booster SkipUAC (Kenny)
2017-04-16 19:48 - 2017-04-16 19:48 - 00262144 _____ C:\windows\Minidump\041617-40934-01.dmp
2017-04-16 19:47 - 2017-04-16 19:47 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-04-16 19:47 - 2017-04-16 19:47 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-04-16 19:46 - 2017-04-16 21:38 - 00000000 ____D C:\Program Files (x86)\s5
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\c
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\szkec
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\imukl
2017-04-16 19:44 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\AdvinstAnalytics
2017-04-16 19:43 - 2017-04-16 19:44 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Microleaves
2017-04-16 19:42 - 2017-04-16 19:43 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\AGData
2017-04-16 19:42 - 2017-04-16 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnonymizerGadget
2017-04-16 19:41 - 2017-04-16 21:37 - 00000000 ____D C:\Program Files (x86)\AnonymizerGadget
2017-04-14 19:30 - 2017-04-14 19:30 - 00000000 ___SD C:\windows\system32\CompatTel
2017-04-14 19:30 - 2017-04-14 19:30 - 00000000 ____D C:\windows\system32\appraiser
2017-04-14 19:07 - 2015-07-30 08:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-04-14 19:07 - 2015-07-30 08:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-04-14 19:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2017-04-14 18:58 - 2017-04-14 18:58 - 24917504 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 19607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 14404096 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 12829696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 06026240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2017-04-14 18:58 - 2017-04-14 18:58 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2017-04-14 18:58 - 2017-04-14 18:58 - 02426880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02278912 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-04-14 18:58 - 2017-04-14 18:58 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-04-14 18:58 - 2017-04-14 18:58 - 01950720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2017-04-14 18:58 - 2017-04-14 18:58 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2017-04-14 18:58 - 2017-04-14 18:58 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2017-04-14 18:58 - 2017-04-14 18:58 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00342728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2017-04-14 18:58 - 2017-04-14 18:58 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2017-04-14 18:58 - 2017-04-14 18:58 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2017-04-14 18:58 - 2017-04-14 18:58 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 02776576 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 02284544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-04-14 17:34 - 2017-04-14 17:34 - 148601744 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-04-14 17:34 - 2017-04-14 17:34 - 00000000 ____D C:\windows\system32\MRT
2017-04-14 16:57 - 2012-11-02 00:59 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2017-04-14 16:57 - 2012-11-02 00:11 - 00376832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2017-04-14 16:56 - 2012-12-07 08:20 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2017-04-14 16:56 - 2012-12-07 08:15 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2017-04-14 16:56 - 2012-12-07 07:26 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2017-04-14 16:56 - 2012-12-07 07:20 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2017-04-14 16:56 - 2012-12-07 06:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00044544 _____ (Microsoft) C:\windows\system32\pegibbfc.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00043520 _____ (Microsoft) C:\windows\system32\csrr.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00030720 _____ (Microsoft) C:\windows\system32\usk.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00021504 _____ (Microsoft) C:\windows\system32\grb.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00020480 _____ (Microsoft) C:\windows\system32\pegi.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00044544 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00043520 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00030720 _____ (Microsoft) C:\windows\SysWOW64\usk.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00021504 _____ (Microsoft) C:\windows\SysWOW64\grb.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs
2017-04-14 16:55 - 2017-03-24 17:50 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-04-14 16:55 - 2017-03-24 17:42 - 00313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-04-14 16:55 - 2017-03-22 10:32 - 03165184 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2017-04-14 16:55 - 2017-03-22 10:32 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2017-04-14 16:55 - 2017-03-22 10:32 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2017-04-14 16:55 - 2017-03-22 10:30 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2017-04-14 16:55 - 2017-03-22 10:24 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2017-04-14 16:55 - 2017-03-22 10:17 - 02651136 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00709120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2017-04-14 16:55 - 2017-03-22 10:15 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2017-04-14 16:55 - 2017-03-22 10:15 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2017-04-14 16:55 - 2017-03-22 10:05 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2017-04-14 16:55 - 2017-03-22 10:05 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2017-04-14 16:55 - 2017-03-22 10:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2017-04-14 16:55 - 2017-03-22 10:05 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2017-04-14 16:55 - 2017-03-14 10:34 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-04-14 16:55 - 2017-03-14 10:34 - 00265448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-04-14 16:55 - 2017-03-14 10:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2017-04-14 16:55 - 2017-03-10 11:35 - 00382696 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2017-04-14 16:55 - 2017-03-10 11:27 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2017-04-14 16:55 - 2017-03-10 11:20 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2017-04-14 16:55 - 2017-03-10 11:19 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2017-04-14 16:55 - 2017-03-10 11:19 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2017-04-14 16:55 - 2017-03-10 11:00 - 03219968 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-04-14 16:55 - 2017-03-10 10:53 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2017-04-14 16:55 - 2017-03-08 15:20 - 01133568 _____ (Microsoft Corporation) C:\windows\system32\cdosys.dll
2017-04-14 16:55 - 2017-03-08 15:10 - 00805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdosys.dll
2017-04-14 16:55 - 2017-03-07 23:37 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-04-14 16:55 - 2017-03-07 23:36 - 05548264 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-04-14 16:55 - 2017-03-07 23:36 - 00706792 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-04-14 16:55 - 2017-03-07 23:36 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2017-04-14 16:55 - 2017-03-07 23:36 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-04-14 16:55 - 2017-03-07 23:34 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 02064384 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:26 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2017-04-14 16:55 - 2017-03-07 23:26 - 03945192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2017-04-14 16:55 - 2017-03-07 23:24 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 01416192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:03 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2017-04-14 16:55 - 2017-03-07 23:03 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2017-04-14 16:55 - 2017-03-07 23:03 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2017-04-14 16:55 - 2017-03-07 23:03 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-04-14 16:55 - 2017-03-07 23:00 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2017-04-14 16:55 - 2017-03-07 22:59 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2017-04-14 16:55 - 2017-03-07 22:57 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2017-04-14 16:55 - 2017-03-07 22:56 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-04-14 16:55 - 2017-03-07 22:56 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2017-04-14 16:55 - 2017-03-07 22:56 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-04-14 16:55 - 2017-03-07 22:55 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2017-04-14 16:55 - 2017-03-07 22:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2017-04-14 16:55 - 2017-03-07 22:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2017-04-14 16:55 - 2017-03-07 22:54 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2017-04-14 16:55 - 2017-03-07 22:54 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2017-04-14 16:55 - 2017-03-07 22:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2017-04-14 16:55 - 2017-03-07 22:53 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 11:30 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2017-04-14 16:55 - 2017-03-07 11:17 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2017-04-14 16:55 - 2017-03-07 09:05 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2017-04-14 16:55 - 2017-03-03 20:27 - 01574912 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2017-04-14 16:55 - 2017-03-03 20:27 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\mfmjpegdec.dll
2017-04-14 16:55 - 2017-03-03 20:14 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2017-04-14 16:55 - 2017-03-03 20:14 - 00077312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmjpegdec.dll
2017-04-14 16:55 - 2017-02-14 11:33 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-04-14 16:55 - 2017-02-14 11:19 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll
2017-04-14 16:55 - 2017-02-11 10:58 - 00462848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-04-14 16:55 - 2017-02-11 10:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-04-14 16:55 - 2017-02-11 10:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-04-14 16:55 - 2017-02-10 11:32 - 00803328 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2017-04-14 16:55 - 2017-02-10 11:17 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2017-04-14 16:55 - 2017-02-09 11:32 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2017-04-14 16:55 - 2017-02-09 11:32 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2017-04-14 16:55 - 2017-02-09 11:32 - 00040960 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
2017-04-14 16:55 - 2017-02-09 11:31 - 00625664 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2017-04-14 16:55 - 2017-02-09 11:31 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
2017-04-14 16:55 - 2017-02-09 11:14 - 00481792 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2017-04-14 16:55 - 2017-02-09 11:14 - 00215040 _____ (Microsoft Corporation) C:\windows\SysWOW64\icm32.dll
2017-04-14 16:55 - 2017-02-09 11:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2017-04-14 16:55 - 2017-02-09 10:51 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WcsPlugInService.dll
2017-04-14 16:55 - 2017-02-06 11:14 - 00733696 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-04-14 16:55 - 2017-01-18 10:36 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-14 16:55 - 2017-01-13 13:00 - 00976896 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-04-14 16:55 - 2017-01-13 13:00 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\INETRES.dll
2017-04-14 16:55 - 2017-01-13 12:45 - 00741888 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-04-14 16:55 - 2017-01-13 12:45 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\INETRES.dll
2017-04-14 16:55 - 2017-01-11 13:01 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2017-04-14 16:55 - 2017-01-11 12:43 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2017-04-14 16:55 - 2016-11-21 13:12 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2017-04-14 16:55 - 2016-11-20 11:19 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2017-04-14 16:55 - 2016-11-20 09:07 - 00467392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2017-04-14 16:55 - 2016-11-17 11:41 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2017-04-14 16:55 - 2016-11-10 11:32 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2017-04-14 16:55 - 2016-11-10 11:19 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2017-04-14 16:55 - 2016-11-09 11:41 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2017-04-14 16:55 - 2016-11-09 11:33 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2017-04-14 16:55 - 2016-11-09 11:02 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2017-04-14 16:55 - 2016-11-09 10:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2017-04-14 16:55 - 2016-10-11 10:32 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2017-04-14 16:55 - 2016-10-11 10:31 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\IMJP10.IME
2017-04-14 16:55 - 2016-10-11 10:31 - 01068544 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2017-04-14 16:55 - 2016-10-11 10:31 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2017-04-14 16:55 - 2016-10-11 10:31 - 00457216 _____ (Microsoft Corporation) C:\windows\system32\imkr80.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00246784 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2017-04-14 16:55 - 2016-10-11 10:31 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\tintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\quick.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\qintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\phon.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\cintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\chajei.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00132608 _____ (Microsoft Corporation) C:\windows\system32\pintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 01027584 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10.IME
2017-04-14 16:55 - 2016-10-11 10:18 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2017-04-14 16:55 - 2016-10-11 10:18 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2017-04-14 16:55 - 2016-10-11 10:18 - 00430080 _____ (Microsoft Corporation) C:\windows\SysWOW64\imkr80.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00202240 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2017-04-14 16:55 - 2016-10-11 10:18 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\tintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\quick.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\phon.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\cintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\chajei.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\pintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2017-04-14 16:55 - 2016-10-11 09:55 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
2017-04-14 16:55 - 2016-10-11 08:18 - 00419648 _____ C:\windows\SysWOW64\locale.nls
2017-04-14 16:55 - 2016-10-11 08:17 - 00419648 _____ C:\windows\system32\locale.nls
2017-04-14 16:55 - 2016-10-08 08:06 - 00633296 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2017-04-14 16:55 - 2016-10-07 10:32 - 03649536 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2017-04-14 16:55 - 2016-10-07 10:32 - 00877056 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2017-04-14 16:55 - 2016-10-07 10:12 - 02291712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2017-04-14 16:55 - 2016-10-07 10:12 - 00581632 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2017-04-14 16:55 - 2016-10-05 09:54 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2017-04-14 16:55 - 2016-10-04 10:31 - 01483264 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2017-04-14 16:55 - 2016-10-04 10:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2017-04-14 16:55 - 2016-10-04 10:31 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2017-04-14 16:55 - 2016-10-04 10:31 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 01176064 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2017-04-14 16:55 - 2016-09-15 09:56 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2017-04-14 16:55 - 2016-09-12 16:08 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\adsmsext.dll
2017-04-14 16:55 - 2016-09-12 15:49 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsmsext.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2017-04-14 16:55 - 2016-09-08 09:55 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2017-04-14 16:55 - 2016-09-08 09:55 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2017-04-14 16:55 - 2016-08-22 11:19 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2017-04-14 16:55 - 2016-08-12 12:02 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2017-04-14 16:55 - 2016-08-12 12:02 - 12574720 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2017-04-14 16:55 - 2016-08-12 12:02 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2017-04-14 16:55 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2017-04-14 16:55 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2017-04-14 16:55 - 2016-08-12 11:47 - 12574208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2017-04-14 16:55 - 2016-08-12 11:47 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2017-04-14 16:55 - 2016-08-12 11:31 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2017-04-14 16:55 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2017-04-14 16:55 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2017-04-14 16:55 - 2016-08-12 11:26 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 02023424 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00347136 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00310784 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\WsmRes.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\wsmplpxy.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 01178112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00249344 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00054272 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmRes.dll
2017-04-14 16:55 - 2016-08-06 10:01 - 00266752 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2017-04-14 16:55 - 2016-08-06 10:01 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\wsmprovhost.exe
2017-04-14 16:55 - 2016-08-06 09:53 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2017-04-14 16:55 - 2016-08-06 09:53 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsmprovhost.exe
2017-04-14 16:55 - 2016-08-06 09:53 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsmplpxy.dll
2017-04-14 16:55 - 2016-06-14 12:21 - 00094440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2017-04-14 16:55 - 2016-06-14 12:16 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 01068544 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00680448 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00499712 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00440320 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00433152 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00081920 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2017-04-14 16:55 - 2016-06-14 12:11 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2017-04-14 16:55 - 2016-06-14 10:21 - 03209216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00195072 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2017-04-14 16:55 - 2016-06-14 10:15 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2017-04-14 16:55 - 2016-06-14 10:15 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2017-04-14 16:55 - 2016-06-14 10:15 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2017-04-14 16:55 - 2016-06-14 10:05 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2017-04-14 16:55 - 2016-06-14 10:05 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2017-04-14 16:55 - 2016-06-14 10:00 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2017-04-14 16:55 - 2016-06-14 10:00 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2017-04-14 16:55 - 2016-05-12 08:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2017-04-14 16:55 - 2016-05-12 08:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2017-04-14 16:55 - 2016-03-23 17:43 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2017-04-14 16:55 - 2016-03-23 17:40 - 03181568 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2017-04-14 16:55 - 2016-03-23 17:40 - 00546656 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2017-04-14 16:55 - 2016-03-23 17:40 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2017-04-14 16:54 - 2017-02-11 11:33 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2017-04-14 16:54 - 2017-02-11 11:16 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2017-04-14 16:54 - 2017-01-11 13:01 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2017-04-14 16:54 - 2017-01-11 12:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2017-04-14 16:53 - 2015-07-14 22:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2017-04-14 16:52 - 2016-01-22 01:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2017-04-14 16:52 - 2016-01-22 01:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2017-04-14 16:52 - 2016-01-22 01:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2017-04-14 16:52 - 2016-01-22 01:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2017-04-14 16:51 - 2015-12-08 16:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2017-04-14 16:51 - 2015-12-08 16:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2017-04-14 16:51 - 2015-12-08 16:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2017-04-14 16:51 - 2015-12-08 14:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2017-04-14 16:51 - 2015-12-08 13:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2017-04-14 16:51 - 2015-12-08 13:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2017-04-14 16:51 - 2015-12-08 13:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2017-04-14 16:51 - 2015-07-22 19:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2017-04-14 16:51 - 2015-07-22 12:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2017-04-14 16:51 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2017-04-14 16:51 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2017-04-14 16:50 - 2017-02-22 18:42 - 00084712 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-04-14 16:50 - 2017-02-22 18:37 - 01285632 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-04-14 16:50 - 2017-02-18 09:05 - 01609216 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-04-14 16:50 - 2017-02-18 09:05 - 00646656 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00233984 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00133632 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-04-14 16:50 - 2016-03-23 17:40 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2017-04-14 16:50 - 2015-05-25 13:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2017-04-14 16:50 - 2015-05-25 13:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2017-04-14 16:50 - 2015-05-25 13:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2017-04-14 16:50 - 2015-05-25 13:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2017-04-14 16:49 - 2015-07-15 13:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2017-04-14 16:47 - 2015-10-29 12:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2017-04-14 16:47 - 2015-10-29 12:49 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2017-04-14 16:47 - 2015-10-29 12:49 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2017-04-14 16:47 - 2014-08-28 21:06 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2017-04-14 16:47 - 2014-08-28 20:44 - 01050112 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2017-04-14 16:46 - 2016-03-16 13:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2017-04-14 16:46 - 2016-03-16 13:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2017-04-14 16:46 - 2016-03-16 13:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2017-04-14 16:46 - 2015-07-16 14:12 - 04922368 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2017-04-14 16:46 - 2015-07-16 14:12 - 00269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2017-04-14 16:46 - 2015-07-16 14:12 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2017-04-14 16:46 - 2015-07-16 14:11 - 05779456 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2017-04-14 16:46 - 2015-07-16 14:11 - 00322560 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2017-04-14 16:46 - 2015-07-16 14:11 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2017-04-14 16:46 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2017-04-14 16:45 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2017-04-14 16:45 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2017-04-14 16:45 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2017-04-14 16:45 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2017-04-14 16:45 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2017-04-14 16:45 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2017-04-14 16:45 - 2012-04-26 00:41 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\rdpwsx.dll
2017-04-14 16:45 - 2012-04-26 00:34 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\rdrmemptylst.exe
2017-04-14 16:44 - 2016-02-02 13:57 - 00511488 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2017-04-14 16:44 - 2015-06-01 19:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2017-04-14 16:44 - 2015-06-01 18:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2017-04-14 16:43 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-04-14 16:43 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-04-14 16:42 - 2016-05-11 12:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2017-04-14 16:42 - 2016-05-11 12:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2017-04-14 16:42 - 2016-05-11 12:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2017-04-14 16:42 - 2016-05-11 10:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2017-04-14 16:42 - 2016-05-11 10:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2017-04-14 16:42 - 2016-05-11 10:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2017-04-14 16:42 - 2016-05-11 10:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2017-04-14 16:42 - 2016-05-11 10:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2017-04-14 16:42 - 2016-05-11 09:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2017-04-14 16:42 - 2016-02-05 13:56 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll
2017-04-14 16:42 - 2016-02-05 13:54 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2017-04-14 16:42 - 2016-02-05 12:33 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll
2017-04-14 16:42 - 2015-12-08 16:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2017-04-14 16:42 - 2015-12-08 14:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2017-04-14 16:42 - 2015-11-11 13:53 - 01735680 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2017-04-14 16:42 - 2015-11-11 13:53 - 00525312 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2017-04-14 16:42 - 2015-11-11 13:39 - 01242624 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2017-04-14 16:42 - 2015-11-11 13:39 - 00487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2017-04-14 16:42 - 2015-07-09 12:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2017-04-14 16:42 - 2015-07-09 12:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2017-04-14 16:42 - 2015-07-09 12:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2017-04-14 16:42 - 2015-07-09 12:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2017-04-14 16:42 - 2015-06-03 15:21 - 00451080 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2017-04-14 16:42 - 2015-02-02 22:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2017-04-14 16:42 - 2015-02-02 22:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2017-04-14 16:42 - 2012-10-03 12:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2017-04-14 16:42 - 2012-10-03 12:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2017-04-14 16:42 - 2012-10-03 12:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2017-04-14 16:42 - 2011-05-04 00:25 - 02315776 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 02223616 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00491520 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00288256 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2017-04-14 16:42 - 2011-05-04 00:19 - 00591872 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-04-14 16:42 - 2011-05-04 00:19 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2017-04-14 16:42 - 2011-05-04 00:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2017-04-14 16:42 - 2011-05-03 23:34 - 01549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 01401344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
2017-04-14 16:42 - 2011-05-03 23:28 - 00427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-04-14 16:42 - 2011-05-03 23:28 - 00164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2017-04-14 16:42 - 2011-05-03 23:28 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2017-04-14 16:41 - 2016-08-29 10:31 - 14183424 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-04-14 16:41 - 2016-08-29 10:31 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2017-04-14 16:41 - 2016-08-29 10:12 - 12880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-04-14 16:41 - 2016-08-29 10:12 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2017-04-14 16:41 - 2016-08-29 10:04 - 03229696 _____ (Microsoft Corporation) C:\windows\explorer.exe
2017-04-14 16:41 - 2016-08-29 09:55 - 02972672 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2017-04-14 16:41 - 2016-02-09 04:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2017-04-14 16:41 - 2015-04-24 13:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2017-04-14 16:41 - 2015-04-24 12:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2017-04-14 16:41 - 2012-10-03 12:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2017-04-14 16:41 - 2012-10-03 12:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2017-04-14 16:41 - 2012-10-03 11:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2017-04-14 16:41 - 2012-10-03 11:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2017-04-14 16:40 - 2016-05-12 12:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2017-04-14 16:40 - 2016-05-12 12:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2017-04-14 16:40 - 2016-03-09 14:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2017-04-14 16:40 - 2016-03-09 13:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2017-04-14 16:40 - 2015-08-27 13:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2017-04-14 16:40 - 2015-08-27 13:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2017-04-14 16:40 - 2015-08-27 12:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2017-04-14 16:40 - 2015-08-27 12:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2017-04-14 16:40 - 2012-10-09 13:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2017-04-14 16:40 - 2012-10-09 13:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2017-04-14 16:40 - 2012-10-09 12:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2017-04-14 16:40 - 2012-10-09 12:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2017-04-14 16:40 - 2012-01-04 05:44 - 00509952 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll
2017-04-14 16:40 - 2012-01-04 03:58 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00212992 _____ (Microsoft Corporation) C:\windows\system32\odbctrac.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\odbccp32.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\odbccu32.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\odbccr32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00319488 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcjt32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbctrac.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00122880 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccp32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccu32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccr32.dll
2017-04-14 16:40 - 2011-04-09 01:58 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2017-04-14 16:40 - 2011-04-09 00:56 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2017-04-14 16:40 - 2011-03-11 01:34 - 01395712 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2017-04-14 16:40 - 2011-03-11 01:34 - 01359872 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2017-04-14 16:40 - 2011-03-11 00:33 - 01164288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2017-04-14 16:40 - 2011-03-11 00:33 - 01137664 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00970240 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00344576 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\inetppui.dll
2017-04-14 16:39 - 2016-06-25 14:53 - 00297472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2017-04-14 16:39 - 2016-06-25 14:53 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\ntprint.exe
2017-04-14 16:39 - 2016-06-25 14:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wpnpinst.exe
2017-04-14 16:39 - 2016-06-25 14:41 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.exe
2017-04-14 16:39 - 2016-02-03 13:07 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2017-04-14 16:39 - 2016-01-20 19:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2017-04-14 16:39 - 2015-10-12 23:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2017-04-14 16:39 - 2015-08-05 12:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2017-04-14 16:39 - 2015-04-12 22:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2017-04-14 16:39 - 2015-04-10 22:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2017-04-14 16:39 - 2015-02-24 22:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2017-04-14 16:39 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2017-04-14 16:39 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2017-04-14 16:39 - 2012-08-21 16:01 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\OxpsConverter.exe
2017-04-14 16:39 - 2011-08-17 00:26 - 00613888 _____ (Microsoft Corporation) C:\windows\system32\psisdecd.dll
2017-04-14 16:39 - 2011-08-17 00:25 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\psisrndr.ax
2017-04-14 16:39 - 2011-08-16 23:24 - 00465408 _____ (Microsoft Corporation) C:\windows\SysWOW64\psisdecd.dll
2017-04-14 16:39 - 2011-08-16 23:19 - 00075776 _____ (Microsoft Corporation) C:\windows\SysWOW64\psisrndr.ax
2017-04-14 16:39 - 2011-06-16 00:49 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\xmllite.dll
2017-04-14 16:39 - 2011-06-15 23:33 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\xmllite.dll
2017-04-14 16:39 - 2010-12-23 05:42 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\sbe.dll
2017-04-14 16:39 - 2010-12-23 05:36 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2017-04-14 16:39 - 2010-12-23 00:54 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\sbe.dll
2017-04-14 16:39 - 2010-12-23 00:50 - 00199680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2017-04-14 16:38 - 2016-07-07 10:36 - 01896168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-04-14 16:38 - 2016-07-07 10:36 - 00377576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2017-04-14 16:38 - 2016-07-07 10:36 - 00287976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-04-14 16:38 - 2016-07-07 10:08 - 00046080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2017-04-14 16:38 - 2016-03-09 13:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2017-04-14 16:38 - 2016-03-09 13:34 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2017-04-14 16:38 - 2016-02-04 20:19 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2017-04-14 16:38 - 2016-02-04 13:41 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2017-04-14 16:38 - 2016-01-11 14:11 - 01684416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-04-14 16:38 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2017-04-14 16:38 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2017-04-14 16:38 - 2015-11-13 18:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2017-04-14 16:38 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2017-04-14 16:38 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2017-04-14 16:38 - 2015-11-13 17:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2017-04-14 16:38 - 2015-10-13 11:41 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2017-04-14 16:38 - 2015-10-13 11:40 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-04-14 16:38 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2017-04-14 16:38 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2017-04-14 16:38 - 2015-07-09 12:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2017-04-14 16:38 - 2015-01-28 22:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2017-04-14 16:38 - 2015-01-28 22:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2017-04-14 16:38 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2017-04-14 16:38 - 2014-12-11 12:47 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2017-04-14 16:38 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2017-04-14 16:38 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2017-04-14 16:38 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2017-04-14 16:38 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2017-04-14 16:38 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2017-04-14 16:38 - 2012-07-04 15:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys
2017-04-14 16:38 - 2012-03-17 02:58 - 00075120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys
2017-04-14 16:38 - 2011-03-03 01:24 - 00357888 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2017-04-14 16:38 - 2011-03-03 01:24 - 00183296 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2017-04-14 16:38 - 2011-03-03 01:21 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\dnscacheugc.exe
2017-04-14 16:38 - 2011-03-03 00:38 - 00270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2017-04-14 16:38 - 2011-03-03 00:36 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnscacheugc.exe
2017-04-14 16:37 - 2016-05-11 12:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2017-04-14 16:37 - 2016-05-11 10:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2017-04-14 16:37 - 2015-11-05 14:05 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wshrm.dll
2017-04-14 16:37 - 2015-11-05 14:02 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshrm.dll
2017-04-14 16:37 - 2015-11-05 04:53 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2017-04-14 16:37 - 2015-11-03 14:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2017-04-14 16:37 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2017-04-14 16:37 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2017-04-14 16:37 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2017-04-14 16:37 - 2011-12-30 01:26 - 00515584 _____ (Microsoft Corporation) C:\windows\system32\timedate.cpl
2017-04-14 16:37 - 2011-12-30 00:27 - 00478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\timedate.cpl
2017-04-14 16:10 - 2015-03-03 23:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2017-04-14 16:10 - 2015-03-03 23:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2017-04-14 15:56 - 2017-04-14 15:56 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-05 23:41 - 2017-04-05 23:42 - 302321388 _____ C:\Users\Kenny\Downloads\MD 500 Start up, flight, and shut down (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 23:31 - 2017-04-05 23:31 - 12467357 _____ C:\Users\Kenny\Downloads\MD 500 Start up, flight, and shut down (192kbit_AAC).m4a
2017-04-05 23:30 - 2017-04-05 23:30 - 00000068 _____ C:\Users\Kenny\Downloads\MD 500 Start up, flight, and shut down (Description).txt
2017-04-05 22:55 - 2017-04-05 22:55 - 67769383 _____ C:\Users\Kenny\Downloads\Panama City Beach Helicopter Tour (480p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:51 - 2017-04-05 22:51 - 11271280 _____ C:\Users\Kenny\Downloads\Panama City Beach and Shell Island Heli Ride (152kbit_Opus).ogg
2017-04-05 22:50 - 2017-04-05 22:50 - 08342733 _____ C:\Users\Kenny\Downloads\Panama City Beach Helicopter Tour (128kbit_AAC).m4a
2017-04-05 22:50 - 2017-04-05 22:50 - 07782289 _____ C:\Users\Kenny\Downloads\Helicopter ride - Panama City Beach Florida (192kbit_AAC).m4a
2017-04-05 22:49 - 2017-04-05 22:49 - 00000111 _____ C:\Users\Kenny\Downloads\Panama City Beach Helicopter Tour (Description).txt
2017-04-05 22:48 - 2017-04-05 22:50 - 166914741 _____ C:\Users\Kenny\Downloads\Panama City Beach and Shell Island Heli Ride (720p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:48 - 2017-04-05 22:49 - 109776105 _____ C:\Users\Kenny\Downloads\Helicopter ride - Panama City Beach Florida (720p_30fps_H264-192kbit_AAC).mp4
2017-04-05 22:48 - 2017-04-05 22:48 - 00000099 _____ C:\Users\Kenny\Downloads\Panama City Beach and Shell Island Heli Ride (Description).txt
2017-04-05 22:48 - 2017-04-05 22:48 - 00000099 _____ C:\Users\Kenny\Downloads\Helicopter ride - Panama City Beach Florida (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 22397676 _____ C:\Users\Kenny\Downloads\Time Vortex V2 - Free FX_Stuff (1080p_25fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 02674695 _____ C:\Users\Kenny\Downloads\old film look dirty lenses - HD overlay (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 02669174 _____ C:\Users\Kenny\Downloads\colored old film look with scratches - HD overlay (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 02630944 _____ C:\Users\Kenny\Downloads\Space Time Vortex loop (720p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 01692670 _____ C:\Users\Kenny\Downloads\flickering simple old film look - HD overlay (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 00953909 _____ C:\Users\Kenny\Downloads\Time Vortex V2 - Free FX_Stuff (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00346925 _____ C:\Users\Kenny\Downloads\Lens Flare Flash Transition - Free Overlay Stock Footage (720p_30fps_H264-192kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 00146128 _____ C:\Users\Kenny\Downloads\Space Time Vortex loop (128kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00080545 _____ C:\Users\Kenny\Downloads\flickering simple old film look - HD overlay (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00080540 _____ C:\Users\Kenny\Downloads\old film look dirty lenses - HD overlay (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00080181 _____ C:\Users\Kenny\Downloads\colored old film look with scratches - HD overlay (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00041119 _____ C:\Users\Kenny\Downloads\Lens Flare Flash Transition - Free Overlay Stock Footage (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00001126 _____ C:\Users\Kenny\Downloads\colored old film look with scratches - HD overlay (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00001120 _____ C:\Users\Kenny\Downloads\flickering simple old film look - HD overlay (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000985 _____ C:\Users\Kenny\Downloads\old film look dirty lenses - HD overlay (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000196 _____ C:\Users\Kenny\Downloads\Space Time Vortex loop (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000152 _____ C:\Users\Kenny\Downloads\Time Vortex V2 - Free FX_Stuff (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000115 _____ C:\Users\Kenny\Downloads\Lens Flare Flash Transition - Free Overlay Stock Footage (Description).txt
2017-04-05 22:23 - 2017-04-05 22:23 - 121397723 _____ C:\Users\Kenny\Downloads\Hey Joe 70yo Czech Rocker.mp4
2017-04-05 21:31 - 2017-04-05 21:31 - 00000000 ____D C:\Users\Kenny\Documents\Screencast-O-Matic
2017-04-03 14:37 - 2017-04-03 14:42 - 00000000 ____D C:\Users\Kenny\Downloads\Corel_DRAW_X5_Portable
2017-04-03 14:37 - 2017-04-03 14:37 - 00000000 ____D C:\windows\XSxS
2017-04-03 14:33 - 2017-04-03 14:35 - 219384929 _____ C:\Users\Kenny\Downloads\Corel_DRAW_X5_Portable.rar
2017-04-02 23:02 - 2017-04-02 23:02 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Video File Converter.lnk
2017-04-02 23:02 - 2017-04-02 23:02 - 00001106 _____ C:\Users\Public\Desktop\Prism Video File Converter.lnk
2017-04-02 20:54 - 2017-04-02 20:54 - 00262144 _____ C:\windows\Minidump\040217-28282-01.dmp
2017-04-02 20:44 - 2017-04-02 20:44 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2017-04-02 20:40 - 2017-04-02 20:40 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2017-04-02 20:40 - 2017-04-02 20:40 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2017-04-02 20:34 - 2017-04-02 20:34 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2017-04-02 20:32 - 2017-04-02 20:32 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2017-04-02 20:32 - 2017-04-02 20:32 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2017-04-02 20:32 - 2017-04-02 20:32 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2017-04-02 20:32 - 2017-04-02 20:32 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00000003 _____ C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2017-04-02 20:28 - 2017-04-02 20:28 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2017-04-02 20:28 - 2017-04-02 20:28 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2017-04-02 20:28 - 2017-04-02 20:28 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2017-04-02 20:28 - 2017-04-02 20:28 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2017-04-02 20:19 - 2017-04-02 21:03 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\LflhvyQg
2017-04-02 20:19 - 2017-04-02 20:19 - 02710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\ZLIBXTl.exe
2017-04-02 20:19 - 2017-04-02 20:19 - 00129536 _____ C:\Users\Kenny\AppData\Roaming\jhProtominer.exe
2017-04-02 20:17 - 2014-02-18 15:33 - 02710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\Lil.Gaping.Lesbians.3.XXX.1080p.WEBRiP.x264-TBP.exe
2017-04-02 20:06 - 2017-04-02 20:06 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2017-04-02 20:06 - 2017-04-02 20:06 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2017-04-02 19:56 - 2017-04-02 19:56 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2017-04-02 19:55 - 2017-04-02 19:55 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2017-04-02 19:55 - 2017-04-02 19:55 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2017-04-02 19:55 - 2017-04-02 19:55 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2017-04-02 19:55 - 2017-04-02 19:55 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2017-04-02 19:55 - 2017-04-02 19:55 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2017-04-02 19:54 - 2017-04-02 19:54 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-04-02 19:54 - 2017-04-02 19:54 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-04-02 19:53 - 2017-04-02 19:53 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2017-04-02 19:53 - 2017-04-02 19:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2017-04-02 19:43 - 2017-04-02 19:43 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2017-04-02 19:42 - 2017-04-02 19:42 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2017-04-02 19:42 - 2017-04-02 19:42 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2017-04-02 19:41 - 2017-04-02 19:41 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2017-04-02 19:40 - 2017-04-02 19:40 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2017-04-02 19:40 - 2017-04-02 19:40 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2017-04-02 19:40 - 2017-04-02 19:40 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2017-04-02 19:40 - 2017-04-02 19:40 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2017-04-02 19:40 - 2017-04-02 19:40 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2017-04-02 19:39 - 2017-04-02 19:39 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2017-04-02 19:39 - 2017-04-02 19:39 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2017-04-02 19:36 - 2017-04-02 19:36 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2017-04-02 19:36 - 2017-04-02 19:36 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2017-04-02 19:34 - 2017-04-02 19:34 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2017-04-02 19:34 - 2017-04-02 19:34 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
2017-04-02 19:34 - 2017-04-02 19:34 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2017-04-02 19:28 - 2017-04-02 19:28 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2017-04-02 19:28 - 2017-04-02 19:28 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2017-04-02 19:28 - 2017-04-02 19:28 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll
2017-04-02 19:28 - 2017-04-02 19:28 - 00000003 _____ C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2017-04-02 19:27 - 2017-04-02 19:27 - 00109824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2017-04-02 19:27 - 2017-04-02 19:27 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00384000 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2017-04-02 19:26 - 2017-04-02 19:26 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbGD.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00016896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-04-02 19:22 - 2017-04-02 19:22 - 01192448 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2017-04-02 19:22 - 2017-04-02 19:22 - 00903168 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2017-04-02 19:22 - 2017-04-02 19:22 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll
2017-04-02 19:22 - 2017-04-02 19:22 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll
2017-04-02 19:10 - 2017-04-02 19:10 - 02565632 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2017-04-02 19:10 - 2017-04-02 19:10 - 01699328 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2017-04-02 19:10 - 2017-04-02 19:10 - 00410496 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorV.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00166272 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvstor.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00148352 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvraid.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00107904 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdsata.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\fsutil.exe
2017-04-02 19:10 - 2017-04-02 19:10 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\fsutil.exe
2017-04-02 19:10 - 2017-04-02 19:10 - 00027008 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdxata.sys
2017-04-02 19:03 - 2017-04-02 19:03 - 43868160 _____ C:\windows\system32\config\COMPONENTS.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 117964800 _____ C:\windows\system32\config\SOFTWARE.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 00323584 _____ C:\windows\system32\config\DEFAULT.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 00028672 _____ C:\windows\system32\config\SECURITY.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 00024576 _____ C:\windows\system32\config\SAM.iobit
2017-04-02 18:49 - 2017-04-02 18:49 - 00262144 _____ C:\windows\Minidump\040217-21824-01.dmp
2017-04-02 18:38 - 2017-04-16 19:08 - 00000000 ____D C:\GetNZB Downloads
2017-04-02 18:37 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\GetNZB
2017-04-02 18:37 - 2017-04-02 18:37 - 00000979 _____ C:\Users\Kenny\Desktop\GetNZB.lnk
2017-04-02 18:37 - 2017-04-02 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetNZB
2017-04-02 18:37 - 2017-04-02 18:37 - 00000000 ____D C:\Program Files (x86)\GetNZB
2017-03-29 19:04 - 2017-03-29 19:04 - 00833024 ____N C:\windows\system32\tprdpw32.exe
2017-03-28 18:22 - 2017-03-28 18:22 - 06113439 _____ (InstallShield Software Corporation) C:\Users\Kenny\Downloads\pci_filerecovery.exe
2017-03-28 18:14 - 2017-03-28 18:14 - 00000000 ____D C:\Program Files\EaseUS
2017-03-28 18:13 - 2017-03-28 18:13 - 16918168 _____ (EaseUS ) C:\Users\Kenny\Downloads\UnDeleteFlashdrives_free.exe
2017-03-24 23:22 - 2017-03-24 21:00 - 03326715 _____ C:\Users\Kenny\Documents\StormyII.wmv
2017-03-24 23:07 - 2017-03-24 21:28 - 04979789 _____ C:\Users\Kenny\Documents\Flounder.wmv
2017-03-24 21:35 - 2017-03-22 22:17 - 00446805 _____ C:\Users\Kenny\Documents\Natives.wmv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-23 12:34 - 2009-07-13 23:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-23 12:34 - 2009-07-13 23:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-23 12:26 - 2016-10-02 12:25 - 00000250 _____ C:\windows\SysWOW64\PARTIZAN.TXT
2017-04-17 22:02 - 2016-10-02 12:21 - 00000000 ____D C:\@RestoreQuarantine
2017-04-17 21:59 - 2016-10-02 12:07 - 00000000 ____D C:\ProgramData\RegRun
2017-04-17 21:58 - 2016-10-02 12:07 - 00000000 ____D C:\Users\Kenny\Documents\RegRun2
2017-04-17 21:27 - 2016-02-20 10:47 - 488997878 _____ C:\windows\MEMORY.DMP
2017-04-17 21:27 - 2013-01-13 21:54 - 00000000 ____D C:\windows\Minidump
2017-04-17 19:19 - 2012-07-02 15:29 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\vlc
2017-04-16 23:21 - 2016-10-02 12:07 - 00000002 RSHOT C:\windows\winstart.bat
2017-04-16 23:21 - 2016-10-02 12:07 - 00000002 RSHOT C:\windows\SysWOW64\CONFIG.NT
2017-04-16 23:21 - 2016-10-02 12:07 - 00000002 RSHOT C:\windows\SysWOW64\AUTOEXEC.NT
2017-04-16 23:01 - 2017-01-01 23:27 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2017-04-16 21:14 - 2016-01-17 22:22 - 00196608 _____ C:\windows\system32\Ikeext.etl
2017-04-16 21:14 - 2013-06-05 19:57 - 00000000 ____D C:\windows\pss
2017-04-16 20:52 - 2009-07-14 00:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-04-16 20:44 - 2015-12-26 21:55 - 05659609 _____ (Swearware) C:\Users\Kenny\Downloads\ComboFix.exe
2017-04-16 20:40 - 2009-07-14 00:13 - 00786538 _____ C:\windows\system32\PerfStringBackup.INI
2017-04-16 20:40 - 2009-07-13 22:20 - 00000000 ____D C:\windows\inf
2017-04-16 20:38 - 2015-06-21 17:34 - 00000918 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA.job
2017-04-16 20:03 - 2016-01-31 12:09 - 00003124 _____ C:\windows\System32\Tasks\{6618530A-560B-4136-82EB-2E8979DE6D95}
2017-04-16 20:03 - 2014-01-27 15:04 - 00003154 _____ C:\windows\System32\Tasks\{99F84928-9C99-4DFE-94A4-FB79570C1AE2}
2017-04-16 20:03 - 2014-01-27 15:03 - 00003166 _____ C:\windows\System32\Tasks\{048B4976-5B81-48B3-A6F2-91FC9C6269E5}
2017-04-16 20:03 - 2013-06-05 21:38 - 00003220 _____ C:\windows\System32\Tasks\{1CC3D729-422B-4EE8-8348-80E3433E63E2}
2017-04-16 20:03 - 2013-04-08 21:02 - 00003086 _____ C:\windows\System32\Tasks\{D4C2A86B-4FC4-4678-98F7-EE4CE217B530}
2017-04-16 20:03 - 2012-08-04 10:16 - 00003340 _____ C:\windows\System32\Tasks\{142C1CAB-A67B-4FA3-B351-446F55D67809}
2017-04-16 20:03 - 2012-07-07 14:58 - 00003122 _____ C:\windows\System32\Tasks\{BE62F7AB-7315-4EA5-A56A-16A7E99FAD93}
2017-04-16 20:02 - 2016-10-18 14:55 - 00003318 _____ C:\windows\System32\Tasks\CorelUpdateHelperTaskCore
2017-04-16 19:55 - 2014-09-23 16:42 - 00000000 ___RD C:\Users\Kenny\Dropbox
2017-04-16 17:47 - 2015-06-21 17:34 - 00000866 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core.job
2017-04-16 14:59 - 2017-01-30 23:44 - 00000000 ____D C:\HSBC
2017-04-16 14:07 - 2009-07-13 22:20 - 00000000 ____D C:\windows\tracing
2017-04-16 10:59 - 2014-05-26 20:13 - 00000000 ____D C:\Users\Kenny\AppData\Local\JDownloader v2.0
2017-04-16 10:58 - 2009-07-13 22:20 - 00000000 ____D C:\windows\AppCompat
2017-04-16 10:50 - 2016-11-23 13:14 - 00000000 ____D C:\Users\Kenny\AppData\LocalLow\Mozilla
2017-04-15 14:43 - 2015-03-05 14:30 - 00000000 ____D C:\Users\Kenny\AppData\LocalLow\LastPass
2017-04-14 19:53 - 2015-06-21 17:34 - 00000000 ____D C:\Users\Kenny\AppData\Local\Dropbox
2017-04-14 19:51 - 2012-06-23 22:40 - 00001413 _____ C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-14 19:41 - 2011-02-12 14:33 - 00000000 ____D C:\windows\Panther
2017-04-14 19:39 - 2009-07-13 23:45 - 05372656 _____ C:\windows\system32\FNTCACHE.DAT
2017-04-14 19:31 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\SysWOW64\Dism
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\Dism
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\PolicyDefinitions
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2017-04-14 19:17 - 2017-02-28 20:04 - 00003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{1546F1F9-2877-4248-B890-1CDAB19F9F7B}
2017-04-14 18:20 - 2012-06-27 09:21 - 00778660 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2017-04-14 15:57 - 2014-09-23 16:37 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Dropbox
2017-04-14 15:52 - 2015-05-22 06:31 - 00032650 _____ C:\windows\Tasks\SCHEDLGU.TXT
2017-04-12 20:42 - 2012-06-24 00:38 - 00194848 _____ C:\Users\Kenny\AppData\Local\GDIPFONTCACHEV1.DAT
2017-04-10 21:00 - 2014-05-08 13:46 - 00003330 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf6aedda28f2f2
2017-04-10 21:00 - 2013-07-09 11:25 - 00003202 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore1ce7cc0e6462ed3
2017-04-10 15:00 - 2016-01-31 17:43 - 00000000 ____D C:\ProgramData\ProductData
2017-04-09 23:02 - 2013-06-02 16:52 - 00000000 ____D C:\windows\System32\Tasks\NCH Software
2017-04-09 19:59 - 2012-06-27 09:31 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-04-09 19:15 - 2017-02-10 18:28 - 00000000 ____D C:\BCHS
2017-04-09 12:45 - 2013-04-10 21:34 - 00000000 ____D C:\ProgramData\ESET
2017-04-09 12:45 - 2013-04-10 21:34 - 00000000 ____D C:\Program Files\ESET
2017-04-08 11:34 - 2017-01-02 00:04 - 00002096 _____ C:\Users\Kenny\Desktop\Advanced SystemCare 10.lnk
2017-04-07 19:01 - 2009-07-13 22:20 - 00000000 ____D C:\windows\rescache
2017-04-03 23:34 - 2013-01-31 23:31 - 00000000 ____D C:\Art
2017-04-02 23:02 - 2017-03-10 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
2017-04-02 23:02 - 2017-03-10 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2017-04-02 20:55 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-02 20:55 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-30 19:40 - 2012-07-02 15:23 - 00091136 _____ C:\Users\Kenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-29 15:32 - 2012-12-28 11:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-28 18:23 - 2011-04-26 21:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-28 15:27 - 2016-11-18 16:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-25 16:52 - 2012-07-01 22:54 - 00000132 _____ C:\Users\Kenny\AppData\Roaming\Adobe PNG Format CS5 Prefs

==================== Files in the root of some directories =======

2015-05-30 21:45 - 2007-03-31 16:34 - 129165278 _____ (Corel Corporation) C:\Program Files\CorelDRW.exe
2012-10-08 21:43 - 2012-10-08 21:43 - 62664192 _____ () C:\Program Files\eset_nt64_enu.msi
2016-05-05 18:51 - 2016-05-05 18:51 - 1505408 _____ (Skype Technologies S.A.) C:\Program Files\SkypeSetup.exe
2015-03-05 14:30 - 2015-03-05 14:30 - 14242360 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-07-24 17:09 - 2016-07-24 17:09 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2014-03-13 08:30 - 2017-02-19 14:47 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe BMP Format CS5 Prefs
2013-12-15 12:42 - 2013-12-15 12:42 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-07-01 22:54 - 2017-03-25 16:52 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-04-02 20:19 - 2017-04-02 20:19 - 0129536 _____ () C:\Users\Kenny\AppData\Roaming\jhProtominer.exe
2017-04-02 20:17 - 2014-02-18 15:33 - 2710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\Lil.Gaping.Lesbians.3.XXX.1080p.WEBRiP.x264-TBP.exe
2012-08-10 16:12 - 2012-08-10 16:40 - 0557056 _____ () C:\Users\Kenny\AppData\Roaming\SharedSettings.ccs
2017-04-02 20:19 - 2017-04-02 20:19 - 2710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\ZLIBXTl.exe
2012-07-02 15:23 - 2017-03-30 19:40 - 0091136 _____ () C:\Users\Kenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-03 20:56 - 2013-10-03 20:56 - 0000026 ____H () C:\ProgramData\.811261211181235583101118113995
2014-02-04 23:17 - 2016-10-02 12:33 - 0007289 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
2017-04-09 19:17 - 2012-08-30 18:19 - 4327024 _____ (Foxit Corporation) C:\Users\Kenny\AppData\Local\Temp\Foxit Updater.exe
2017-04-03 13:53 - 2017-04-03 13:53 - 0126976 __RSH () C:\Users\Kenny\AppData\Local\Temp\intel.exe
2017-04-16 10:57 - 2017-04-16 10:57 - 0040448 ____N () C:\Users\Kenny\AppData\Local\Temp\proxy_vole1100576980623147388.dll
2017-04-16 10:59 - 2017-04-16 10:59 - 0040448 ____N () C:\Users\Kenny\AppData\Local\Temp\proxy_vole3758753963961335315.dll
2017-04-16 10:59 - 2017-04-16 10:59 - 0040448 _____ () C:\Users\Kenny\AppData\Local\Temp\proxy_vole825817276371365189.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\SysWOW64\wininit.exe => MD5 is legit
C:\windows\explorer.exe
[2017-04-14 16:41] - [2016-08-29 10:04] - 3229696 ____A (Microsoft Corporation) 38AE1B3C38FAEF56FE4907922F0385BA

C:\windows\SysWOW64\explorer.exe
[2017-04-14 16:41] - [2016-08-29 09:55] - 2972672 ____A (Microsoft Corporation) 6DDCA324434FFA506CF7DC4E51DB7935

C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\SysWOW64\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll
[2017-04-14 16:55] - [2016-11-10 11:32] - 1009152 ____A (Microsoft Corporation) 34BA256FBF83457F9D5E51A56DB54542

C:\windows\SysWOW64\User32.dll
[2017-04-14 16:55] - [2016-11-10 11:19] - 0833024 ____A (Microsoft Corporation) 3CB074875AC88A7C1010A2A7F9881A8C

C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\SysWOW64\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\dnsapi.dll => MD5 is legit
C:\windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2017-04-07 18:52

==================== End of FRST.txt ============================



#6 Ragnarviking

Ragnarviking
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 24 April 2017 - 08:39 AM

Thanks, Gary

 

Pasted below is the Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2017
Ran by Kenny (23-04-2017 12:39:53)
Running from H:\Antivirus
Windows 7 Home Premium Service Pack 1 (X64) (2012-06-24 03:39:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1182291490-1180826050-772089516-500 - Administrator - Disabled)
Guest (S-1-5-21-1182291490-1180826050-772089516-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1182291490-1180826050-772089516-1003 - Limited - Enabled)
Kenny (S-1-5-21-1182291490-1180826050-772089516-1001 - Administrator - Enabled) => C:\Users\Kenny

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3dsMaxDesign2015_SP2 3dsMaxDesign2015_SP2 (HKLM-x32\...\3dsMaxDesign2015_SP2 3dsMaxDesign2015_SP2) (Version: 3dsMaxDesign2015_SP2 - 3dsMaxDesign2015_SP2)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Advanced SystemCare PRO v10.0.3.620 1.00 (HKLM-x32\...\Advanced SystemCare PRO v10.0.3.620 1.00) (Version: 1.00 - IOBit)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk)
Autodesk 3ds Max Design 2015 (HKLM\...\Autodesk 3ds Max Design 2015) (Version: 17.0.630.0 - Autodesk)
Autodesk 3ds Max Design 2015 (Version: 17.0.630.0 - Autodesk) Hidden
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk)
Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max Design 2015 64-bit (HKLM\...\{1C4FFAF0-5DBB-4F7A-A386-46747D060826}) (Version: 17.0.0.0 - Autodesk)
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk Inventor Server Engine for 3ds Max Design 2015 (HKLM\...\{D7DEFF4A-BB64-48CC-81AB-845BA62D6032}) (Version: 17.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden
Best Buy pc app (x32 Version: 3.2.0.0 - Best Buy) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C5100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c5100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{8616305F-122C-4341-9C37-47A9CD322AB2}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.3.1114 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 17.1.572 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Capture (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Common (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Common Apps (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Connect (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Core (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Custom Data (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Designer (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Draw (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - EN (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Filters (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - FontNav (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - IPM (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - IPM Content (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - IPM Lattice (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - PHOTO-PAINT (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Photozoom Plugin (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Redist (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Setup Files (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VBA (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VideoBrowser (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VSTA (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Writing Tools (x64) (Version: 16.4 -  Corel Corporation) Hidden
CorelDRAW Technical Suite X6 (64-Bit) (HKLM\...\_{E2FC299D-38D5-424F-BAB8-D24E07A3A58A}) (Version: 16.3.0.1114 - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 3.01 - NCH Software)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Document Capture Pro (HKLM-x32\...\{C3C7DD77-6034-48A4-BE26-7F10F7357228}) (Version: 1.00.0004 - Seiko Epson Corporation)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Dropbox (HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Dropbox) (Version: 23.4.19 - Dropbox, Inc.)
EasyLog USB (HKLM-x32\...\{073136C3-4A9F-4300-BDEA-8BB3FFD66962}) (Version: 7.2.0 - Lascar Electronics Ltd.)
EasyLog USB Device (Driver Removal) (HKLM-x32\...\EL-USB&10C4&0002) (Version:  - Lascar Electronics Ltd.)
Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 1.30.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.00.0000 - SEIKO EPSON Corp.)
EPSON WorkForce DS-30 Scanner Driver Update (HKLM-x32\...\{7F75CDB7-4F59-409E-9704-792214A262F8}) (Version:  - )
ESET NOD32 Antivirus (HKLM\...\{1ECE2323-0C41-412D-B7EF-1997F810C439}) (Version: 10.0.390.0 - ESET, spol. s r.o.)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileFinder (HKLM-x32\...\FileFinder) (Version: 1.0.1 - Webitar Production Inc.)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.5.124 - Foxit Corporation)
Fushicai VIDEO DVR (HKLM-x32\...\{989BAFE8-E777-43D7-9749-9810E0E9FF48}) (Version: 2013.5.6 - Fushicai)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.0.1.1 - Genesys Logic)
GetNZB version 1.404 (HKLM-x32\...\GetNZB_is1) (Version: 1.404 - )
Golden Videos VHS to DVD Converter (HKLM-x32\...\GoldenVideos) (Version: 3.04 - NCH Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{5BAA8884-F661-464B-B5B2-5C6C632BFC21}) (Version: 7.1.4.1529 - Google)
Google Image Downloader v1.0 (HKLM-x32\...\{E6097F72-3D12-4ACF-8868-3C938DA36AB8}) (Version: 1.1.0 - Google Image Downloader)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
honestechTVR2.5 (HKLM-x32\...\{ABADD11D-1B48-4F23-BEBA-6B22CE8F5E58}) (Version: 2.5 - honestech)
honestechTVR2.5 (x32 Version: 2.5 - honestech) Hidden
HostsMan 4.6.103 (HKLM-x32\...\{1A3DD1A9-7B7B-4ECA-AD2F-98466F49F62C}_is1) (Version: 4.6.103.0 - abelhadigital.com)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2246 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.4.0.125 - IObit)
IPM_Common_x64 (Version: 2.3 - Your Company Name) Hidden
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junior Icon Editor (HKLM-x32\...\Junior Icon Editor) (Version: 4.33 - SibCode)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kestrel Communicator (HKLM-x32\...\{B8FAE663-DCC4-40E3-966D-4AE5B181769C}) (Version: 2.1.1 - Nielsen-Kellerman)
Kodi (HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Kodi) (Version:  - XBMC-Foundation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Magic ISO Maker v5.3 (build 0229) (HKLM-x32\...\Magic ISO Maker v5.3 (build 0229)) (Version:  - )
Malwarebytes Anti-Malware version 1.65.0.1400 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.65.0.1400 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 52.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 en-US)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero BurningROM 12 (HKLM-x32\...\{DCF34348-8673-4E60-97E5-1CBC0D7293AC}) (Version: 12.5.01100 - Nero AG)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.18.00 - NETGEAR Inc.)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
Online Application Installer (x32 Version: 2.0.0 - Microleaves) Hidden <==== ATTENTION
Opera Stable 27.0.1689.66 (HKLM-x32\...\Opera 27.0.1689.66) (Version: 27.0.1689.66 - Opera Software ASA)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
ParticleShop - Core (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM Content (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\_{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3.0.570 - Corel Corporation)
ParticleShop (Version: 1.3 - Corel Corporation) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version:  - Photodex Corporation)
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 3.31 - NCH Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.63 - NCH Software)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version:  - Photodex Corporation)
ProShow Producer version 8.0.3648 (HKLM-x32\...\{5FFCED89-D154-462E-B9EB-9A8D26A7C027}_is1) (Version: 8.0.3648 - Photodex)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6230 - Realtek Semiconductor Corp.)
Runtime VS2005 SP1 CRT 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 MFC 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 All 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 CRT 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 CRT 762 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 MFC 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 OpenMP 762 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2008 CRT 1 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2008 x64 CRT 1 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony Noise Reduction Plug-In 2.0e (HKLM-x32\...\{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}) (Version: 2.0.444 - Sony)
Sony Sound Forge 9.0 (HKLM-x32\...\{6842DCCB-2840-4E46-8AF3-BEA9CFF3455B}) (Version: 9.0.297 - Sony)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version:  - )
UnHackMe 8.00 (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 12.2.17 - )
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.30 - NCH Software)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VSDC Free Video Editor version 3.3.5.411 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 3.3.5.411 - Flash-Integro LLC)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.33 - NCH Software)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - Graphics Tablet (WinUsb) USBDevice  (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wireless USB WinDrivers (HKLM-x32\...\InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}) (Version: 14.2.77.6 - IOGEAR)
Wireless USB WinDrivers (Version: 14.2.77.6 - IOGEAR) Hidden
XVL Player / XVL Player Pro (Ver. 9 or later) 64-bit Edition (HKLM-x32\...\{936575FE-E49B-4CE9-9934-0329727476C8}) (Version: 12.1a - Lattice Technology)
XVL Studio 3D Corel Edition x64 (HKLM-x32\...\{137926AA-703D-4382-81A7-BD30EDAFB6C9}) (Version: 1.0 - Lattice Technology)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kenny\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kenny\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08FD617A-5121-4404-8D0C-7DDAC62B4FB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {09F3B29E-26BD-4E14-9C02-BC1D05B5CF83} - System32\Tasks\Driver Booster SkipUAC (Kenny) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {34840C07-9C36-4FEF-9509-17173B8766FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {378420EA-BC69-43D7-9292-7F62BD0F0A48} - System32\Tasks\Uninstaller_SkipUac_Kenny => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-06-24] (IObit)
Task: {58A3DC5A-FCAB-405F-8D41-1249FBA1E3BB} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {785F9FAA-8BEF-4FB0-88A5-A6F710809BA4} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-08-25] (Corel Corporation)
Task: {798F5CD2-518D-45EB-B0EF-54C961AB18F6} - System32\Tasks\ASC10_SkipUac_Kenny => C:\Program Files (x86)\IObit\Advanced SystemCare 10 PRO\ASC.exe [2016-10-21] (IObit)
Task: {8D371BEF-E4C7-45E0-AEA8-B422A0088D52} - System32\Tasks\{142C1CAB-A67B-4FA3-B351-446F55D67809} => pcalua.exe -a C:\Users\Kenny\Documents\Downloads\complete\Bulk.Image.Downloader.v4.22.0.1-Lz0\setup.exe -d C:\Users\Kenny\Documents\Downloads\complete\Bulk.Image.Downloader.v4.22.0.1-Lz0
Task: {8DCC176C-438F-457E-8B2E-104CEFF63F0B} - System32\Tasks\{6618530A-560B-4136-82EB-2E8979DE6D95} => pcalua.exe -a C:\PROGRA~2\ULTIMA~1\UNWISE.EXE -c C:\PROGRA~2\ULTIMA~1\INST.LOG
Task: {8DF637C4-5338-4042-9DA0-2E593842A5B2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA1cf2aaf76556c70 => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {97B2A286-7586-4A29-9F54-D045B6B40E3B} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7cc0e6462ed3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A28A7D1A-BAFA-4B82-8332-D6B3D47AA83C} - System32\Tasks\{1CC3D729-422B-4EE8-8348-80E3433E63E2} => pcalua.exe -a G:\Hold\Downloads\SolidWorks\2013\Crack\SW2010-2013.Activator.SSQ.exe -d G:\Hold\Downloads\SolidWorks\2013\Crack
Task: {A2DA51AF-80A8-44AF-AD1F-BCB60A540308} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {A67E2D73-4BB3-4F0E-8CC5-848A26731591} - System32\Tasks\Opera scheduled Autoupdate 1425845139 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-02] (Opera Software)
Task: {BA9BED31-1EFC-44BF-BED6-BB00EA6112EA} - System32\Tasks\{048B4976-5B81-48B3-A6F2-91FC9C6269E5} => pcalua.exe -a "C:\Users\Kenny\Downloads\AutodeskDesignRevSetup (1).exe" -d C:\Users\Kenny\Downloads
Task: {BD85579D-AFC2-4AE0-A95A-40A4861CA235} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6aedda28f2f2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {BE8D9B8E-1488-46EF-9BD1-0A49134CB08A} - System32\Tasks\{BE62F7AB-7315-4EA5-A56A-16A7E99FAD93} => pcalua.exe -a C:\Users\Kenny\Documents\Agent7.exe -d C:\Users\Kenny\Documents
Task: {D53CA6E0-39B8-4022-9658-7022EEEB7638} - System32\Tasks\{99F84928-9C99-4DFE-94A4-FB79570C1AE2} => pcalua.exe -a C:\Users\Kenny\Downloads\AutodeskDesignRevSetup.exe -d C:\Users\Kenny\Downloads
Task: {D8A49DAE-36A1-457B-9CE7-A7DC8F1ACDDA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {E18569BF-346B-4BEB-9904-61D8508205EA} - System32\Tasks\{D4C2A86B-4FC4-4678-98F7-EE4CE217B530} => pcalua.exe -a G:\Hold\Nero\NeroPortable.exe -d G:\Hold\Nero
Task: {F70E58AD-CC4D-4465-8258-74AE3F4EBD01} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core.job => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA.job => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core.job => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA1cf2aaf76556c70.job => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\UnHackMe Task Scheduler.job => O:\UnHackMe\hackmon.exe $(Arg0)  Greatis Software, LLC. ?Part of RegRun Suite/UnHackMe software. hxxp:/www.greatis.com
Task: C:\windows\Tasks\User_Feed_Synchronization-{1546F1F9-2877-4248-B890-1CDAB19F9F7B}.job => C:\windows\system32\msfeedssync.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Kenny\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm

==================== Loaded Modules (Whitelisted) ==============

2016-06-30 03:23 - 2016-11-13 18:31 - 00592384 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2014-05-01 14:29 - 2014-05-01 14:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-11-19 05:22 - 2010-11-11 23:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-03-29 19:04 - 2017-03-29 19:04 - 00833024 ____N () C:\windows\system32\tprdpw32.exe
2010-08-18 16:38 - 2010-08-18 16:38 - 00055608 _____ () C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\CompInfo.dll
2010-12-20 19:53 - 2010-12-20 19:53 - 00094016 _____ () C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WUSBResource.dll
2012-06-27 09:01 - 2009-08-16 19:06 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-12 04:49 - 2014-05-12 04:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2011-04-26 22:02 - 2009-07-16 11:20 - 00032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
2011-04-26 22:02 - 2007-12-31 12:27 - 00007168 _____ () C:\Program Files (x86)\jmesoft\VistaVolume.dll
2015-12-02 11:58 - 2015-11-16 13:32 - 00919040 _____ () C:\windows\mod_frst.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:NA9neJm8azOWRQimgVEJ [1984]
AlternateDataStreams: C:\ProgramData\Microsoft:N22G5oeVojqAN0YRATXc4 [2324]
AlternateDataStreams: C:\ProgramData\Microsoft:ScZA6zOFIgdVBGXsFu5qj3 [2088]
AlternateDataStreams: C:\ProgramData\Temp:B755D674 [136]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [226]
AlternateDataStreams: C:\Users\Kenny\Cookies:dbDELzmMFy1QJZSKPtVcBkjxTNbs [2018]
AlternateDataStreams: C:\Users\Kenny\Cookies:UNyxI5x0ybWi460VVi13 [2376]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ESETOlmarikOlmascoCleaner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ESETOlmarikOlmascoCleaner.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2016-10-19 15:27 - 00002047 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
127.0.0.1 www.autodesk.com
127.0.0.1 autodesk.com
127.0.0.1 www.corel.com
127.0.0.1 corel.com
127.0.0.1 www.coreldraw.com
127.0.0.1 coreldraw.com127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobe-dns-5.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 crl.verisign.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 ood.opsource.net
127.0.0.1 ereg.adobe.com
127.0.0.1 ereg.wip.adobe.com
127.0.0.1 ereg.wip1.adobe.com

There are 28 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1182291490-1180826050-772089516-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
bfe => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 3
MSCONFIG\Services: AdAppMgrSvc => 3
MSCONFIG\Services: AdvancedSystemCareService10 => 2
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: aspnet_state => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 3
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: clr_optimization_v2.0.50727_32 => 3
MSCONFIG\Services: clr_optimization_v2.0.50727_64 => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: Dataup =>
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: EpsonScanSvc => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: hpqcxs08 => 3
MSCONFIG\Services: hpqddsvc => 2
MSCONFIG\Services: HPSLPSVC => 2
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 2
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: mi-raysat_3dsmax2015_64 => 3
MSCONFIG\Services: Microsoft SharePoint Workspace Audit Service => 3
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: Net Driver HPZ12 => 2
MSCONFIG\Services: NETGEARGenieDaemon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: Pml Driver HPZ12 => 2
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: PSI_SVC_2_x64 => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: realtek_amd64 => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 2
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 2
MSCONFIG\Services: ShellHWDetection => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: windowsmanagementservice =>
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wlidsvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 2
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Background Downloader.lnk => C:\Windows\pss\SolidWorks Background Downloader.lnkCommon Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
MSCONFIG\startupreg: SSDMonitor => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UMonit => C:\windows\SysWOW64\UMonit.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{265E4909-8F20-41C5-A4C4-151D1829DE0E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3DADDB29-ECA7-41D9-8249-990DC3B81E40}] => (Allow) LPort=2869
FirewallRules: [{7B5C4703-0DC6-494A-A570-DD0C79FDF54B}] => (Allow) LPort=1900
FirewallRules: [{8DC4FBA7-8ABB-4552-9EE3-459650219D8B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A9BB1148-6471-4413-814C-85464B7DFA78}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{F75A7D92-2FA3-4355-A465-C1E8677BC22C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{8F19CBB5-095D-47B5-97F8-02BC3AA4D21D}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{E7B07342-CC73-45B0-B494-71F90CAA45B9}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe
FirewallRules: [{C895FAED-C7F9-4613-838C-E0E5A07F9A34}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe
FirewallRules: [{20639599-951D-425C-8B1F-2D90DDF0964B}] => (Allow) LPort=7935
FirewallRules: [{CAE8E549-0F39-4C4D-B721-9E87FEACAE18}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{2A5922BB-A443-4A5C-AC2A-2AA1FDBCBB28}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{1C83CB30-F3B5-4BCB-AAAC-E3B9259DC9E0}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{5E69FF16-DD1D-40B6-B047-77D21BF3F384}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{167AF32E-37A4-4B9B-869F-C6598C3E768D}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{AD36BDC4-CD13-48E1-A1BD-2949F6FDDFF2}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{2AEB89F3-0857-4EA8-ADC8-4E224A254EEC}] => (Allow) C:\Windows\SysWOW64\lxcicoms.exe
FirewallRules: [{8F558CB3-A440-41BD-BB7D-58710207CF2A}] => (Allow) C:\Windows\SysWOW64\lxcicoms.exe
FirewallRules: [TCP Query User{4D1AC42A-60A7-4867-B92A-3DA4DF91BE50}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{415069A8-1523-4898-B816-32DB4098A26C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{12FE872A-DBF2-4D6C-95AD-91B95A02ABE7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{607DFBD9-E65F-4BCD-99BE-FA499614D8D2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{0A67C560-FB4D-4604-8536-E9CCE1F4DED9}E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [UDP Query User{86973699-DDC4-4ACB-9128-F3D3A097AA59}E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [TCP Query User{9D07D42F-2A0A-4CBA-9308-D3EBC416877A}G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [UDP Query User{1C836163-4814-4938-AC21-7614693C1171}G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [{62D1D53D-B2B3-4FB5-A083-269E55FF7727}] => (Allow) C:\Users\Kenny\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{7CAA77C5-A5B8-4434-98B0-B7D9A6D022D9}] => (Allow) C:\Users\Kenny\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{B313C5B1-8774-405A-A7E7-5E8F41E4D517}C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{0F0C22A9-C0B3-4DFE-87B6-6C71C012BDC1}C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [{D6166114-5E09-47D6-ACD1-361FD7ED15D5}] => (Allow) C:\Users\Kenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{30077A69-F6B6-44E4-BB22-C87644243013}] => (Allow) C:\Users\Kenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C7B665FE-2A37-493F-A99E-D03298BA1402}C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{0F1AA537-9F6D-4B4E-A7F3-FB11A0AB66C6}C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4349BC9C-FAB0-4731-BEA7-570856F379A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9AAD1FAD-4425-4F82-80B7-307EFD982572}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5057CBFE-FCB4-4C17-9ECC-99609AC009DE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6D27503F-4EF9-4241-AC71-9FD497FDB70D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{9F8A352B-2E35-49AA-856B-F3D9B147B71B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{BFCF7861-E3DE-4CA1-AA58-72A1C2646271}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{EE7C6976-B54F-4738-B433-036A352A69ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{4C203461-7E7C-47AD-B8AF-BF8684F42E8B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{7122E32B-C7EE-45A5-9E81-B613CB21DC06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{2F1855CC-0ADD-4032-8318-AF1A8A429498}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{12D5F143-980E-4DCA-97A8-B44D3B0ACE5C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{37FC62B7-50E4-4BAC-9AC3-FBA1BAFF7905}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{7A2E0995-AB75-42EA-92BD-C23A912C5A9F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{B394E128-D387-42D3-B869-C339561BC8F0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{E470CD50-D104-4ABA-9EB8-DB6457DEA26C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{F7096A3C-3A7E-4806-B251-D8CD66D169BB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{C3F615FB-80F2-499C-8CBC-8F56FA81DD73}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{15179C9F-E19B-4286-9FCB-A61730F383EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{3DE6BCD5-B859-4C0F-AD28-06648BD58176}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{CC2C6181-53EF-4CCC-99F7-FE379FE82EF6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{84D883AD-A125-470E-8EA5-6BEB0A18D447}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{0FEE17A8-421C-4A87-9F06-7ED6CEF5B831}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{7461D573-3907-49AB-A0DA-2E28801465F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5ADE9BD7-4DB3-4481-BF41-053F76269DBE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{222A650E-2ADF-4066-ABA2-2F600A92E90D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{36FE8C8B-4105-4F05-BEB0-F855C0228D29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{420ED225-FAF9-4B68-89FE-18F29AC81808}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{4C0DB2C9-285D-40D4-875D-41728F857E12}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{93DC2DE1-A0FD-46BE-8231-1AC1D04C9A2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{52DE9E70-F821-4DF5-B75E-858144FF199F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A39CD35-5B8A-41ED-9077-EF2AF74F3643}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{183712CF-413D-4BAE-9CE2-6150ABBD99C3}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{7BFF4701-73BE-4641-8F81-0572E34187C6}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{1928AE09-3766-4414-9EA1-66FD9362E94A}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{9F2E6A43-7BDB-4DC3-9CF5-5D4E740BBFC3}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{473603DA-508D-4DFE-84B1-2A12B161C487}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{6D98085D-F83F-40B9-903F-35D6EA4542C0}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{AA9287BD-EBFB-4230-90FC-CA868E65A6B9}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [TCP Query User{C6540BA5-5444-4FC2-BCA9-CA9D36260BA8}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{91AD566A-41BF-4CED-AB40-1F4226BAA766}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{649C12AA-A282-4A79-B01E-10EF74CC9A05}] => (Allow) c:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{20A5184D-BE09-4D75-A4F4-86475C11EB9F}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{4B7FD53F-5087-472F-8EB2-011D8209E614}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{ABD5E5DE-3909-4D4B-B5F4-71A7631799FC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{2DAB4DA7-1191-41CD-91AE-17112F3A4DE2}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{E4EA45A0-D360-46B3-AD57-11497847B2DA}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{1E932A4E-65AC-4400-96DB-5450F8064415}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{6947C71A-1FC1-4CEF-922C-CED9722E937D}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{B997C707-1DAE-46B4-8DD2-68A8B264BCDC}] => (Allow) C:\Program Files (x86)\FileFinder\FileFinder.exe
FirewallRules: [{72AC4099-C5E6-45C1-9C95-D6793F80F7D4}] => (Allow) C:\Program Files (x86)\FileFinder\FileFinder.exe
FirewallRules: [{E3F6D59B-C1AC-4001-8A8B-89C8B4C8DC13}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{CF624B1A-79BF-4942-9282-38DB4EEA1F73}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{A70F35CF-42DC-4057-8E5E-591ABCA0A817}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{1E104000-2A69-4EBA-B30D-4D1B05A5E106}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{F13D9B33-FBE6-4A72-8D72-C15F578DE145}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{CDCB19D8-20DC-484D-BF6D-A05E635D7B99}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [TCP Query User{905DFB28-6E75-4137-8F7C-2B0775321C5C}C:\program files (x86)\iobit\advanced systemcare 10 pro\surfing protection\ffnativemessage.exe] => (Allow) C:\program files (x86)\iobit\advanced systemcare 10 pro\surfing protection\ffnativemessage.exe
FirewallRules: [UDP Query User{276B76D0-EBC0-45FA-9CEA-568880A45C7D}C:\program files (x86)\iobit\advanced systemcare 10 pro\surfing protection\ffnativemessage.exe] => (Allow) C:\program files (x86)\iobit\advanced systemcare 10 pro\surfing protection\ffnativemessage.exe
FirewallRules: [TCP Query User{7104BA23-2698-4027-8BEC-B32881DDF072}E:2\corel\coreldraw x7\coreldraw x7.exe] => (Allow) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [UDP Query User{66930B94-9B86-4F01-A740-37FA89F4F397}E:2\corel\coreldraw x7\coreldraw x7.exe] => (Allow) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{655915FF-ACD3-4663-99C0-2464B4997A9A}] => (Block) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{B1E45A98-DC06-4917-93A9-210C176E1709}] => (Block) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{FBDA2001-EA7D-4DF4-B4C1-8FDCA2EB79F0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{836BF431-9721-4686-9D35-EC2485C0735D}] => (Allow) C:\Program Files (x86)\UnHackMe\Unhackme.exe
FirewallRules: [{ECFC2DF0-FE8C-497E-8774-EE1E030E47E0}] => (Allow) C:\Program Files (x86)\UnHackMe\Unhackme.exe
FirewallRules: [TCP Query User{8DDA7F2D-3F0C-41DA-854A-ACB37A3386EB}H:\corel\coreldraw x7\coreldraw x7.exe] => (Allow) H:\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [UDP Query User{6FEB2462-BF84-41E0-A0A2-6A358598B5BA}H:\corel\coreldraw x7\coreldraw x7.exe] => (Allow) H:\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{0D2403A5-8C68-4568-8FE9-0B3AECCEAFCE}] => (Block) H:\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{7A6CFEA9-7254-4842-9812-9332F8F8579C}] => (Block) H:\corel\coreldraw x7\coreldraw x7.exe
StandardProfile\AuthorizedApplications: [C:\Users\Kenny\AppData\Local\Temp\Disk Space Cache.exe] => Enabled:Windows Messanger
StandardProfile\AuthorizedApplications: [C:\GetNZB Downloads\Corel Draw 11 Portable 100 Working.rar yEnc 1 10\autoextracted\Corel Draw 11 Portable (100 Working).exe] => Enabled:Windows Messanger
StandardProfile\AuthorizedApplications: [C:\GetNZB Downloads\CorelDraw Graphics Suite X6 16.0.0.707 2012Eng.rar\autoextracted\CorelDraw Graphics Suite X6 16.0.0.707 (2012Eng).exe] => Enabled:Windows Messanger

==================== Restore Points =========================

Could not list restore points
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/16/2017 08:54:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/16/2017 08:37:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/16/2017 07:50:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/16/2017 12:08:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\adobe\adobe after effects cs5.5\support files\(pci)\setup\resources\libraries\ARKEngine.dll".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/16/2017 12:08:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\adobe\adobe after effects cs5.5\support files\(pci)\setup\resources\libraries\ARKCmdFS.dll".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/16/2017 12:08:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\adobe\adobe after effects cs5.5\support files\(pci)\setup\resources\libraries\ARKCmdDefrag.dll".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/16/2017 12:08:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\adobe\adobe after effects cs5.5\support files\(pci)\setup\resources\libraries\ARKCmdCaps.dll".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/16/2017 11:35:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\adobe\adobe after effects cs5.5\support files\(pci)\setup\resources\libraries\ARKEngine.dll".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/16/2017 11:35:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\adobe\adobe after effects cs5.5\support files\(pci)\setup\resources\libraries\ARKCmdFS.dll".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/16/2017 11:35:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\adobe\adobe after effects cs5.5\support files\(pci)\setup\resources\libraries\ARKCmdDefrag.dll".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (04/23/2017 12:37:41 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error:
"740"
Happened while starting this command:
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding

Error: (04/23/2017 12:29:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Management Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (04/23/2017 12:29:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Management Service service to connect.

Error: (04/23/2017 12:27:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (04/23/2017 12:27:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ESET Service service failed to start due to the following error:
The requested resource is in use.

Error: (04/16/2017 09:14:09 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
Access is denied.

Error: (04/16/2017 08:58:49 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Unable to start a DCOM Server: {56EA1054-1959-467F-BE3B-A2A787C4B6EA}. The error:
"170"
Happened while starting this command:
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (04/16/2017 08:55:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Management Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (04/16/2017 08:55:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Management Service service to connect.

Error: (04/16/2017 08:53:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LiveUpdate service failed to start due to the following error:
The requested resource is in use.


==================== Memory info ===========================

Processor: Intel® Pentium® CPU G620 @ 2.60GHz
Percentage of memory in use: 16%
Total physical RAM: 5992.44 MB
Available physical RAM: 5011.31 MB
Total Virtual: 11983.06 MB
Available Virtual: 11031.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:906.34 GB) (Free:86.98 GB) NTFS
Drive d: (JVC DVD_ROM ) (CDROM) (Total:1.75 GB) (Free:0 GB) UDF
Drive e: (Old Drive) (Fixed) (Total:931.51 GB) (Free:33.75 GB) NTFS
Drive h: () (Removable) (Total:59.13 GB) (Free:39.2 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 032E13D2)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 96287ECE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

========================================================
Disk: 2 (Size: 59.2 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,713 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:04 AM

Posted 24 April 2017 - 12:07 PM

Greetings and thank you for the information and your patience.

Your computer is very heavily infected. I am going to request you completely uninstall any products for which you do not have a valid Product Key, including all "cracked" software. If you prefer to leave the program(s) on your computer let me know that and I will be closing the Topic.

If you decide to remove the below listed programs (and any other unauthorized programs) please run CKScanner after removal and rerun FRST, posting all 3 generated reports.

Programs to remove:

Autodesk
Corel
Adobe



===================================================

CKScanner

--------------------
  • Download CKScanner and save it to your Desktop
  • Double click CKScanner
  • Select Search For Files
  • Once completed select Save List to File
  • A ckfiles.txt document will be placed on your Desktop
  • Copy and paste the results of that report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • CKScanner report
  • FRST report
  • Addition report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Ragnarviking

Ragnarviking
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 26 April 2017 - 11:53 AM

Thanks again, Gary, for assisting me resolve my computer health problems.

 

I attempted to remove the software, per your directions. I was unable to remove any programs via the control panel. I was prompted to use a program from an unknown publisher to remove the programs. I elected not to allow the prompt to run. I will include a screen shot of the prompt. I did accomplish the scans requested and will post them as replies to this posting. Thanks.Attached File  Print_Screen.jpg   112.25KB   0 downloads



#9 Ragnarviking

Ragnarviking
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 26 April 2017 - 11:54 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-04-2017
Ran by Kenny (administrator) on KENNY-PC (25-04-2017 21:51:13)
Running from H:\Antivirus
Loaded Profiles: Kenny (Available Profiles: Kenny)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Windows\System32\tprdpw32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Wisair Ltd.) C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WirelessUSBManager.exe
(JME) C:\Program Files (x86)\jmesoft\hotkey.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [cpx] => "C:\Users\Kenny\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup <===== ATTENTION
HKLM-x32\...\Run: [svcvmx] => C:\Users\Kenny\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe [896512 2017-01-13] ()
HKLM-x32\...\Run: [WirelessUSBManager] => C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WirelessUSBManager.exe [3666256 2010-08-18] (Wisair Ltd.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [86960 2006-05-17] (Macrovision Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-17] (Macrovision Corporation)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [GoogleChromeAutoLaunch_B2C6E0CC5A2A25373676C3A06457B47B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941912 2017-03-28] (Google Inc.)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [691656 2009-04-23] (DT Soft Ltd)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare 10 PRO\ASCTray.exe [3078432 2016-10-18] (IObit)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-17] (Macrovision Corporation)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 0
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-13] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-13] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-13] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-13] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-13] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-13] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
Startup: C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe [2009-09-20] (Hewlett-Packard Co.)
BootExecute: autocheck autochk * Partizan
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:59463;https=127.0.0.1:59463
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 69.1.30.42 69.1.30.43
Tcpip\..\Interfaces\{61EFE29E-D40B-4C22-B3F9-5D9FDC44B62D}: [DhcpNameServer] 69.1.30.42 69.1.30.43

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-03-05] (LastPass)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare 10 PRO\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2016-08-03] (IObit)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare 10 PRO\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Toolbar: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {106E49CF-797A-11D2-81A2-00E02C015623} hxxp://www.alternatiff.com/distribution/alternatiff-ax-w32-2.0.4.cab
Handler: skype4com - No CLSID Value

FireFox:
========
FF ProfilePath: C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\evn6x5fb.default [2017-04-16]
FF user.js: detected! => C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\evn6x5fb.default\user.js [2017-01-02]
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\evn6x5fb.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\evn6x5fb.default -> hxxp://www.google.com/
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\evn6x5fb.default\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2016-10-18]
FF Extension: (LastPass) - C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\evn6x5fb.default\Extensions\support@lastpass.com [2017-03-24]
FF Extension: (Disable Prefetch) - C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\evn6x5fb.default\features\{068e10b6-21a1-4c8c-9f1c-4e4a9fd10571}\disable-prefetch@mozilla.org.xpi [2017-04-04]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-28] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Kenny\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Kenny\AppData\Roaming\IDM\idmmzcc5 [2015-11-15] [not signed]
FF HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Kenny\AppData\Roaming\IDM\idmmzcc5
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-03-05] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-01-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-14] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-03-05] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\windows\Photodex Presenter\npPxPlay.dll [2017-03-12] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-16] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1182291490-1180826050-772089516-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kenny\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1182291490-1180826050-772089516-1001: @talk.google.com/O1DPlugin -> C:\Users\Kenny\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1182291490-1180826050-772089516-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Kenny\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1182291490-1180826050-772089516-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Kenny\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Kenny\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kenny\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default [2017-04-25]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - <no Path/update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.)
S4 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare 10 PRO\ASCService.exe [462624 2016-10-14] (IObit)
S4 CableAssociation; C:\Program Files (x86)\Wireless USB\Components\Association\CableAssociation.exe [1461064 2010-07-07] (Wisair Ltd.)
S3 Dataup; C:\Users\Kenny\AppData\Local\ntuserlitelist\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2836296 2016-12-14] (ESET)
S4 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [133552 2011-06-09] (Seiko Epson Corporation)
S4 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S4 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S4 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-07-20] (IObit)
S4 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-14] () [File not signed]
S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S4 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-08-26] (NETGEAR)
S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S4 realtek_amd64; C:\Users\Kenny\AppData\Local\Temp\WS\realtek_amd64.exe [8704 2017-04-16] () [File not signed] <==== ATTENTION
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-04-02] (Microsoft Corporation)
S2 windowsmanagementservice; C:\Users\Kenny\AppData\Local\imukl\ct.exe [947200 2017-03-29] (Google Inc.) [File not signed] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 DLCopyFilter; C:\windows\System32\Drivers\wsr_tbf.sys [52736 2010-07-21] ()
R0 drmkpro64; C:\windows\System32\drivers\ndistpr64.sys [78112 2013-09-28] () [File not signed] <==== ATTENTION
S3 DWA; C:\windows\System32\DRIVERS\WSR_DWA.SYS [570880 2010-08-05] ()
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [132272 2017-01-17] (ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [180544 2017-01-17] (ESET)
R1 epfwwfpr; C:\windows\System32\DRIVERS\epfwwfpr.sys [70960 2017-01-17] (ESET)
S3 ESETOlmarikOlmascoCleaner; C:\windows\system32\Drivers\ESETOlmarikOlmascoCleaner.sys [157384 2014-07-15] ()
R3 GeneStor; C:\windows\System32\DRIVERS\GeneStor.sys [57856 2010-12-16] (GenesysLogic)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-05-30] (SafeNet Inc.)
S3 hwa; C:\windows\System32\DRIVERS\WSR_HWA.SYS [947200 2010-08-05] ()
S3 HWARadio; C:\windows\System32\DRIVERS\WSR_RCI.SYS [165376 2010-08-05] ()
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-02] (REALiX™)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 NPF; C:\windows\System32\drivers\NPF.sys [35344 2016-01-31] (CACE Technologies, Inc.)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2017-04-17] (Greatis Software)
R0 PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RimUsb; C:\windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [871408 2012-06-27] () [File not signed]
R3 vmulti; C:\windows\System32\DRIVERS\vmulti.sys [19504 2016-01-13] (Windows ® Win 7 DDK provider)
S3 X86BDA; C:\windows\System32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
U3 a48134rm; C:\Windows\System32\Drivers\a48134rm.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 catchme; \??\C:\ComboFix_10-02-16\catchme.sys [X]
S3 cpuz138; \??\C:\Users\Kenny\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_5.5.27797.0.sys [X]
S3 WSR_USF; System32\Drivers\WSR_USF.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-23 12:31 - 2017-04-25 21:51 - 00000000 ____D C:\FRST
2017-04-17 21:27 - 2017-04-17 21:28 - 00262144 _____ C:\windows\Minidump\041717-30420-01.dmp
2017-04-17 21:26 - 2017-04-17 21:26 - 00262144 _____ C:\windows\Minidump\041717-29546-01.dmp
2017-04-17 16:43 - 2017-04-17 16:43 - 00040304 _____ (Greatis Software) C:\windows\SysWOW64\Drivers\Partizan.sys
2017-04-17 16:18 - 2017-04-17 16:18 - 00000000 ____D C:\ProgramData\WRData
2017-04-16 23:21 - 2017-04-17 21:56 - 00000378 _____ C:\windows\Tasks\UnHackMe Task Scheduler.job
2017-04-16 23:21 - 2017-04-17 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2017-04-16 23:21 - 2017-04-17 16:45 - 00000586 _____ C:\Users\Kenny\Desktop\UnHackMe.lnk
2017-04-16 22:49 - 2017-04-16 22:49 - 00464022 _____ C:\Users\Kenny\Desktop\regrunlog.txt
2017-04-16 22:27 - 2017-04-16 22:27 - 00000045 _____ C:\Users\Kenny\Downloads\Unhackme_Key.txt
2017-04-16 21:25 - 2017-04-16 21:25 - 00000274 ____H C:\windows\Tasks\User_Feed_Synchronization-{1546F1F9-2877-4248-B890-1CDAB19F9F7B}.job
2017-04-16 20:59 - 2017-04-17 21:58 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2017-04-16 20:59 - 2017-04-16 20:59 - 00003324 _____ C:\windows\System32\Tasks\UnHackMe Task Scheduler
2017-04-16 20:59 - 2017-04-14 12:48 - 00014984 _____ (Greatis Software, LLC.) C:\windows\SysWOW64\Drivers\UnHackMeDrv.sys
2017-04-16 20:59 - 2015-12-28 11:32 - 00049968 _____ (Greatis Software) C:\windows\system32\partizan.exe
2017-04-16 20:58 - 2017-04-14 12:48 - 18681008 _____ (Greatis Software, LLC. ) C:\Users\Kenny\Downloads\unhackme_setup.exe
2017-04-16 20:56 - 2017-04-16 20:58 - 18656117 _____ C:\Users\Kenny\Downloads\unhackme.zip
2017-04-16 20:44 - 2017-04-16 20:45 - 00000000 ___SD C:\32788R22FWJFW
2017-04-16 20:00 - 2017-04-16 20:00 - 00000000 ____D C:\Users\Kenny\AppData\Local\llssoft
2017-04-16 20:00 - 2017-04-16 20:00 - 00000000 ____D C:\Users\Kenny\AppData\Local\CEF
2017-04-16 19:59 - 2017-04-17 22:43 - 00000000 ____D C:\Users\Kenny\AppData\Local\ntuserlitelist
2017-04-16 19:54 - 2017-04-16 19:54 - 00002886 _____ C:\windows\System32\Tasks\Driver Booster SkipUAC (Kenny)
2017-04-16 19:48 - 2017-04-16 19:48 - 00262144 _____ C:\windows\Minidump\041617-40934-01.dmp
2017-04-16 19:47 - 2017-04-16 19:47 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-04-16 19:47 - 2017-04-16 19:47 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-04-16 19:46 - 2017-04-16 21:38 - 00000000 ____D C:\Program Files (x86)\s5
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\c
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\szkec
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\imukl
2017-04-16 19:44 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\AdvinstAnalytics
2017-04-16 19:43 - 2017-04-16 19:44 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Microleaves
2017-04-16 19:42 - 2017-04-16 19:43 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\AGData
2017-04-16 19:42 - 2017-04-16 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnonymizerGadget
2017-04-16 19:41 - 2017-04-16 21:37 - 00000000 ____D C:\Program Files (x86)\AnonymizerGadget
2017-04-14 19:30 - 2017-04-14 19:30 - 00000000 ___SD C:\windows\system32\CompatTel
2017-04-14 19:30 - 2017-04-14 19:30 - 00000000 ____D C:\windows\system32\appraiser
2017-04-14 19:07 - 2015-07-30 08:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-04-14 19:07 - 2015-07-30 08:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-04-14 19:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2017-04-14 18:58 - 2017-04-14 18:58 - 24917504 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 19607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 14404096 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 12829696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 06026240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2017-04-14 18:58 - 2017-04-14 18:58 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2017-04-14 18:58 - 2017-04-14 18:58 - 02426880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02278912 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-04-14 18:58 - 2017-04-14 18:58 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-04-14 18:58 - 2017-04-14 18:58 - 01950720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2017-04-14 18:58 - 2017-04-14 18:58 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2017-04-14 18:58 - 2017-04-14 18:58 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2017-04-14 18:58 - 2017-04-14 18:58 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00342728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2017-04-14 18:58 - 2017-04-14 18:58 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2017-04-14 18:58 - 2017-04-14 18:58 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2017-04-14 18:58 - 2017-04-14 18:58 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 02776576 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 02284544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-04-14 17:34 - 2017-04-14 17:34 - 148601744 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-04-14 17:34 - 2017-04-14 17:34 - 00000000 ____D C:\windows\system32\MRT
2017-04-14 16:57 - 2012-11-02 00:59 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2017-04-14 16:57 - 2012-11-02 00:11 - 00376832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2017-04-14 16:56 - 2012-12-07 08:20 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2017-04-14 16:56 - 2012-12-07 08:15 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2017-04-14 16:56 - 2012-12-07 07:26 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2017-04-14 16:56 - 2012-12-07 07:20 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2017-04-14 16:56 - 2012-12-07 06:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00044544 _____ (Microsoft) C:\windows\system32\pegibbfc.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00043520 _____ (Microsoft) C:\windows\system32\csrr.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00030720 _____ (Microsoft) C:\windows\system32\usk.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00021504 _____ (Microsoft) C:\windows\system32\grb.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00020480 _____ (Microsoft) C:\windows\system32\pegi.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00044544 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00043520 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00030720 _____ (Microsoft) C:\windows\SysWOW64\usk.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00021504 _____ (Microsoft) C:\windows\SysWOW64\grb.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs
2017-04-14 16:55 - 2017-03-24 17:50 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-04-14 16:55 - 2017-03-24 17:42 - 00313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-04-14 16:55 - 2017-03-22 10:32 - 03165184 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2017-04-14 16:55 - 2017-03-22 10:32 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2017-04-14 16:55 - 2017-03-22 10:32 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2017-04-14 16:55 - 2017-03-22 10:30 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2017-04-14 16:55 - 2017-03-22 10:24 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2017-04-14 16:55 - 2017-03-22 10:17 - 02651136 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00709120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2017-04-14 16:55 - 2017-03-22 10:15 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2017-04-14 16:55 - 2017-03-22 10:15 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2017-04-14 16:55 - 2017-03-22 10:05 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2017-04-14 16:55 - 2017-03-22 10:05 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2017-04-14 16:55 - 2017-03-22 10:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2017-04-14 16:55 - 2017-03-22 10:05 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2017-04-14 16:55 - 2017-03-14 10:34 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-04-14 16:55 - 2017-03-14 10:34 - 00265448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-04-14 16:55 - 2017-03-14 10:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2017-04-14 16:55 - 2017-03-10 11:35 - 00382696 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2017-04-14 16:55 - 2017-03-10 11:27 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2017-04-14 16:55 - 2017-03-10 11:20 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2017-04-14 16:55 - 2017-03-10 11:19 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2017-04-14 16:55 - 2017-03-10 11:19 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2017-04-14 16:55 - 2017-03-10 11:00 - 03219968 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-04-14 16:55 - 2017-03-10 10:53 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2017-04-14 16:55 - 2017-03-08 15:20 - 01133568 _____ (Microsoft Corporation) C:\windows\system32\cdosys.dll
2017-04-14 16:55 - 2017-03-08 15:10 - 00805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdosys.dll
2017-04-14 16:55 - 2017-03-07 23:37 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-04-14 16:55 - 2017-03-07 23:36 - 05548264 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-04-14 16:55 - 2017-03-07 23:36 - 00706792 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-04-14 16:55 - 2017-03-07 23:36 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2017-04-14 16:55 - 2017-03-07 23:36 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-04-14 16:55 - 2017-03-07 23:34 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 02064384 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:26 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2017-04-14 16:55 - 2017-03-07 23:26 - 03945192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2017-04-14 16:55 - 2017-03-07 23:24 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 01416192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:03 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2017-04-14 16:55 - 2017-03-07 23:03 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2017-04-14 16:55 - 2017-03-07 23:03 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2017-04-14 16:55 - 2017-03-07 23:03 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-04-14 16:55 - 2017-03-07 23:00 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2017-04-14 16:55 - 2017-03-07 22:59 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2017-04-14 16:55 - 2017-03-07 22:57 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2017-04-14 16:55 - 2017-03-07 22:56 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-04-14 16:55 - 2017-03-07 22:56 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2017-04-14 16:55 - 2017-03-07 22:56 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-04-14 16:55 - 2017-03-07 22:55 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2017-04-14 16:55 - 2017-03-07 22:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2017-04-14 16:55 - 2017-03-07 22:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2017-04-14 16:55 - 2017-03-07 22:54 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2017-04-14 16:55 - 2017-03-07 22:54 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2017-04-14 16:55 - 2017-03-07 22:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2017-04-14 16:55 - 2017-03-07 22:53 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 11:30 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2017-04-14 16:55 - 2017-03-07 11:17 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2017-04-14 16:55 - 2017-03-07 09:05 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2017-04-14 16:55 - 2017-03-03 20:27 - 01574912 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2017-04-14 16:55 - 2017-03-03 20:27 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\mfmjpegdec.dll
2017-04-14 16:55 - 2017-03-03 20:14 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2017-04-14 16:55 - 2017-03-03 20:14 - 00077312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmjpegdec.dll
2017-04-14 16:55 - 2017-02-14 11:33 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-04-14 16:55 - 2017-02-14 11:19 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll
2017-04-14 16:55 - 2017-02-11 10:58 - 00462848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-04-14 16:55 - 2017-02-11 10:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-04-14 16:55 - 2017-02-11 10:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-04-14 16:55 - 2017-02-10 11:32 - 00803328 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2017-04-14 16:55 - 2017-02-10 11:17 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2017-04-14 16:55 - 2017-02-09 11:32 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2017-04-14 16:55 - 2017-02-09 11:32 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2017-04-14 16:55 - 2017-02-09 11:32 - 00040960 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
2017-04-14 16:55 - 2017-02-09 11:31 - 00625664 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2017-04-14 16:55 - 2017-02-09 11:31 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
2017-04-14 16:55 - 2017-02-09 11:14 - 00481792 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2017-04-14 16:55 - 2017-02-09 11:14 - 00215040 _____ (Microsoft Corporation) C:\windows\SysWOW64\icm32.dll
2017-04-14 16:55 - 2017-02-09 11:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2017-04-14 16:55 - 2017-02-09 10:51 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WcsPlugInService.dll
2017-04-14 16:55 - 2017-02-06 11:14 - 00733696 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-04-14 16:55 - 2017-01-18 10:36 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-14 16:55 - 2017-01-13 13:00 - 00976896 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-04-14 16:55 - 2017-01-13 13:00 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\INETRES.dll
2017-04-14 16:55 - 2017-01-13 12:45 - 00741888 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-04-14 16:55 - 2017-01-13 12:45 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\INETRES.dll
2017-04-14 16:55 - 2017-01-11 13:01 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2017-04-14 16:55 - 2017-01-11 12:43 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2017-04-14 16:55 - 2016-11-21 13:12 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2017-04-14 16:55 - 2016-11-20 11:19 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2017-04-14 16:55 - 2016-11-20 09:07 - 00467392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2017-04-14 16:55 - 2016-11-17 11:41 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2017-04-14 16:55 - 2016-11-10 11:32 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2017-04-14 16:55 - 2016-11-10 11:19 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2017-04-14 16:55 - 2016-11-09 11:41 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2017-04-14 16:55 - 2016-11-09 11:33 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2017-04-14 16:55 - 2016-11-09 11:02 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2017-04-14 16:55 - 2016-11-09 10:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2017-04-14 16:55 - 2016-10-11 10:32 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2017-04-14 16:55 - 2016-10-11 10:31 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\IMJP10.IME
2017-04-14 16:55 - 2016-10-11 10:31 - 01068544 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2017-04-14 16:55 - 2016-10-11 10:31 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2017-04-14 16:55 - 2016-10-11 10:31 - 00457216 _____ (Microsoft Corporation) C:\windows\system32\imkr80.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00246784 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2017-04-14 16:55 - 2016-10-11 10:31 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\tintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\quick.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\qintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\phon.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\cintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\chajei.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00132608 _____ (Microsoft Corporation) C:\windows\system32\pintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 01027584 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10.IME
2017-04-14 16:55 - 2016-10-11 10:18 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2017-04-14 16:55 - 2016-10-11 10:18 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2017-04-14 16:55 - 2016-10-11 10:18 - 00430080 _____ (Microsoft Corporation) C:\windows\SysWOW64\imkr80.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00202240 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2017-04-14 16:55 - 2016-10-11 10:18 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\tintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\quick.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\phon.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\cintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\chajei.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\pintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2017-04-14 16:55 - 2016-10-11 09:55 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
2017-04-14 16:55 - 2016-10-11 08:18 - 00419648 _____ C:\windows\SysWOW64\locale.nls
2017-04-14 16:55 - 2016-10-11 08:17 - 00419648 _____ C:\windows\system32\locale.nls
2017-04-14 16:55 - 2016-10-08 08:06 - 00633296 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2017-04-14 16:55 - 2016-10-07 10:32 - 03649536 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2017-04-14 16:55 - 2016-10-07 10:32 - 00877056 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2017-04-14 16:55 - 2016-10-07 10:12 - 02291712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2017-04-14 16:55 - 2016-10-07 10:12 - 00581632 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2017-04-14 16:55 - 2016-10-05 09:54 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2017-04-14 16:55 - 2016-10-04 10:31 - 01483264 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2017-04-14 16:55 - 2016-10-04 10:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2017-04-14 16:55 - 2016-10-04 10:31 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2017-04-14 16:55 - 2016-10-04 10:31 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 01176064 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2017-04-14 16:55 - 2016-09-15 09:56 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2017-04-14 16:55 - 2016-09-12 16:08 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\adsmsext.dll
2017-04-14 16:55 - 2016-09-12 15:49 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsmsext.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2017-04-14 16:55 - 2016-09-08 09:55 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2017-04-14 16:55 - 2016-09-08 09:55 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2017-04-14 16:55 - 2016-08-22 11:19 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2017-04-14 16:55 - 2016-08-12 12:02 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2017-04-14 16:55 - 2016-08-12 12:02 - 12574720 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2017-04-14 16:55 - 2016-08-12 12:02 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2017-04-14 16:55 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2017-04-14 16:55 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2017-04-14 16:55 - 2016-08-12 11:47 - 12574208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2017-04-14 16:55 - 2016-08-12 11:47 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2017-04-14 16:55 - 2016-08-12 11:31 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2017-04-14 16:55 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2017-04-14 16:55 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2017-04-14 16:55 - 2016-08-12 11:26 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 02023424 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00347136 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00310784 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\WsmRes.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\wsmplpxy.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 01178112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00249344 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00054272 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmRes.dll
2017-04-14 16:55 - 2016-08-06 10:01 - 00266752 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2017-04-14 16:55 - 2016-08-06 10:01 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\wsmprovhost.exe
2017-04-14 16:55 - 2016-08-06 09:53 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2017-04-14 16:55 - 2016-08-06 09:53 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsmprovhost.exe
2017-04-14 16:55 - 2016-08-06 09:53 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsmplpxy.dll
2017-04-14 16:55 - 2016-06-14 12:21 - 00094440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2017-04-14 16:55 - 2016-06-14 12:16 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 01068544 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00680448 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00499712 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00440320 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00433152 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00081920 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2017-04-14 16:55 - 2016-06-14 12:11 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2017-04-14 16:55 - 2016-06-14 10:21 - 03209216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00195072 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2017-04-14 16:55 - 2016-06-14 10:15 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2017-04-14 16:55 - 2016-06-14 10:15 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2017-04-14 16:55 - 2016-06-14 10:15 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2017-04-14 16:55 - 2016-06-14 10:05 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2017-04-14 16:55 - 2016-06-14 10:05 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2017-04-14 16:55 - 2016-06-14 10:00 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2017-04-14 16:55 - 2016-06-14 10:00 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2017-04-14 16:55 - 2016-05-12 08:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2017-04-14 16:55 - 2016-05-12 08:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2017-04-14 16:55 - 2016-03-23 17:43 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2017-04-14 16:55 - 2016-03-23 17:40 - 03181568 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2017-04-14 16:55 - 2016-03-23 17:40 - 00546656 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2017-04-14 16:55 - 2016-03-23 17:40 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2017-04-14 16:54 - 2017-02-11 11:33 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2017-04-14 16:54 - 2017-02-11 11:16 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2017-04-14 16:54 - 2017-01-11 13:01 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2017-04-14 16:54 - 2017-01-11 12:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2017-04-14 16:53 - 2015-07-14 22:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2017-04-14 16:52 - 2016-01-22 01:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2017-04-14 16:52 - 2016-01-22 01:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2017-04-14 16:52 - 2016-01-22 01:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2017-04-14 16:52 - 2016-01-22 01:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2017-04-14 16:51 - 2015-12-08 16:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2017-04-14 16:51 - 2015-12-08 16:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2017-04-14 16:51 - 2015-12-08 16:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2017-04-14 16:51 - 2015-12-08 14:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2017-04-14 16:51 - 2015-12-08 13:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2017-04-14 16:51 - 2015-12-08 13:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2017-04-14 16:51 - 2015-12-08 13:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2017-04-14 16:51 - 2015-07-22 19:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2017-04-14 16:51 - 2015-07-22 12:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2017-04-14 16:51 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2017-04-14 16:51 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2017-04-14 16:50 - 2017-02-22 18:42 - 00084712 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-04-14 16:50 - 2017-02-22 18:37 - 01285632 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-04-14 16:50 - 2017-02-18 09:05 - 01609216 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-04-14 16:50 - 2017-02-18 09:05 - 00646656 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00233984 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00133632 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-04-14 16:50 - 2016-03-23 17:40 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2017-04-14 16:50 - 2015-05-25 13:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2017-04-14 16:50 - 2015-05-25 13:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2017-04-14 16:50 - 2015-05-25 13:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2017-04-14 16:50 - 2015-05-25 13:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2017-04-14 16:49 - 2015-07-15 13:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2017-04-14 16:47 - 2015-10-29 12:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2017-04-14 16:47 - 2015-10-29 12:49 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2017-04-14 16:47 - 2015-10-29 12:49 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2017-04-14 16:47 - 2014-08-28 21:06 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2017-04-14 16:47 - 2014-08-28 20:44 - 01050112 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2017-04-14 16:46 - 2016-03-16 13:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2017-04-14 16:46 - 2016-03-16 13:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2017-04-14 16:46 - 2016-03-16 13:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2017-04-14 16:46 - 2015-07-16 14:12 - 04922368 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2017-04-14 16:46 - 2015-07-16 14:12 - 00269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2017-04-14 16:46 - 2015-07-16 14:12 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2017-04-14 16:46 - 2015-07-16 14:11 - 05779456 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2017-04-14 16:46 - 2015-07-16 14:11 - 00322560 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2017-04-14 16:46 - 2015-07-16 14:11 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2017-04-14 16:46 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2017-04-14 16:45 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2017-04-14 16:45 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2017-04-14 16:45 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2017-04-14 16:45 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2017-04-14 16:45 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2017-04-14 16:45 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2017-04-14 16:45 - 2012-04-26 00:41 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\rdpwsx.dll
2017-04-14 16:45 - 2012-04-26 00:34 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\rdrmemptylst.exe
2017-04-14 16:44 - 2016-02-02 13:57 - 00511488 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2017-04-14 16:44 - 2015-06-01 19:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2017-04-14 16:44 - 2015-06-01 18:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2017-04-14 16:43 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-04-14 16:43 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-04-14 16:42 - 2016-05-11 12:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2017-04-14 16:42 - 2016-05-11 12:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2017-04-14 16:42 - 2016-05-11 12:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2017-04-14 16:42 - 2016-05-11 10:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2017-04-14 16:42 - 2016-05-11 10:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2017-04-14 16:42 - 2016-05-11 10:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2017-04-14 16:42 - 2016-05-11 10:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2017-04-14 16:42 - 2016-05-11 10:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2017-04-14 16:42 - 2016-05-11 09:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2017-04-14 16:42 - 2016-02-05 13:56 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll
2017-04-14 16:42 - 2016-02-05 13:54 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2017-04-14 16:42 - 2016-02-05 12:33 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll
2017-04-14 16:42 - 2015-12-08 16:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2017-04-14 16:42 - 2015-12-08 14:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2017-04-14 16:42 - 2015-11-11 13:53 - 01735680 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2017-04-14 16:42 - 2015-11-11 13:53 - 00525312 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2017-04-14 16:42 - 2015-11-11 13:39 - 01242624 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2017-04-14 16:42 - 2015-11-11 13:39 - 00487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2017-04-14 16:42 - 2015-07-09 12:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2017-04-14 16:42 - 2015-07-09 12:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2017-04-14 16:42 - 2015-07-09 12:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2017-04-14 16:42 - 2015-07-09 12:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2017-04-14 16:42 - 2015-06-03 15:21 - 00451080 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2017-04-14 16:42 - 2015-02-02 22:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2017-04-14 16:42 - 2015-02-02 22:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2017-04-14 16:42 - 2012-10-03 12:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2017-04-14 16:42 - 2012-10-03 12:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2017-04-14 16:42 - 2012-10-03 12:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2017-04-14 16:42 - 2011-05-04 00:25 - 02315776 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 02223616 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00491520 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00288256 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2017-04-14 16:42 - 2011-05-04 00:19 - 00591872 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-04-14 16:42 - 2011-05-04 00:19 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2017-04-14 16:42 - 2011-05-04 00:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2017-04-14 16:42 - 2011-05-03 23:34 - 01549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 01401344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
2017-04-14 16:42 - 2011-05-03 23:28 - 00427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-04-14 16:42 - 2011-05-03 23:28 - 00164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2017-04-14 16:42 - 2011-05-03 23:28 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2017-04-14 16:41 - 2016-08-29 10:31 - 14183424 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-04-14 16:41 - 2016-08-29 10:31 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2017-04-14 16:41 - 2016-08-29 10:12 - 12880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-04-14 16:41 - 2016-08-29 10:12 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2017-04-14 16:41 - 2016-08-29 10:04 - 03229696 _____ (Microsoft Corporation) C:\windows\explorer.exe
2017-04-14 16:41 - 2016-08-29 09:55 - 02972672 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2017-04-14 16:41 - 2016-02-09 04:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2017-04-14 16:41 - 2015-04-24 13:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2017-04-14 16:41 - 2015-04-24 12:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2017-04-14 16:41 - 2012-10-03 12:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2017-04-14 16:41 - 2012-10-03 12:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2017-04-14 16:41 - 2012-10-03 11:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2017-04-14 16:41 - 2012-10-03 11:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2017-04-14 16:40 - 2016-05-12 12:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2017-04-14 16:40 - 2016-05-12 12:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2017-04-14 16:40 - 2016-03-09 14:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2017-04-14 16:40 - 2016-03-09 13:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2017-04-14 16:40 - 2015-08-27 13:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2017-04-14 16:40 - 2015-08-27 13:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2017-04-14 16:40 - 2015-08-27 12:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2017-04-14 16:40 - 2015-08-27 12:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2017-04-14 16:40 - 2012-10-09 13:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2017-04-14 16:40 - 2012-10-09 13:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2017-04-14 16:40 - 2012-10-09 12:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2017-04-14 16:40 - 2012-10-09 12:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2017-04-14 16:40 - 2012-01-04 05:44 - 00509952 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll
2017-04-14 16:40 - 2012-01-04 03:58 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00212992 _____ (Microsoft Corporation) C:\windows\system32\odbctrac.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\odbccp32.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\odbccu32.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\odbccr32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00319488 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcjt32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbctrac.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00122880 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccp32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccu32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccr32.dll
2017-04-14 16:40 - 2011-04-09 01:58 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2017-04-14 16:40 - 2011-04-09 00:56 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2017-04-14 16:40 - 2011-03-11 01:34 - 01395712 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2017-04-14 16:40 - 2011-03-11 01:34 - 01359872 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2017-04-14 16:40 - 2011-03-11 00:33 - 01164288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2017-04-14 16:40 - 2011-03-11 00:33 - 01137664 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00970240 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00344576 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\inetppui.dll
2017-04-14 16:39 - 2016-06-25 14:53 - 00297472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2017-04-14 16:39 - 2016-06-25 14:53 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\ntprint.exe
2017-04-14 16:39 - 2016-06-25 14:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wpnpinst.exe
2017-04-14 16:39 - 2016-06-25 14:41 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.exe
2017-04-14 16:39 - 2016-02-03 13:07 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2017-04-14 16:39 - 2016-01-20 19:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2017-04-14 16:39 - 2015-10-12 23:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2017-04-14 16:39 - 2015-08-05 12:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2017-04-14 16:39 - 2015-04-12 22:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2017-04-14 16:39 - 2015-04-10 22:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2017-04-14 16:39 - 2015-02-24 22:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2017-04-14 16:39 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2017-04-14 16:39 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2017-04-14 16:39 - 2012-08-21 16:01 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\OxpsConverter.exe
2017-04-14 16:39 - 2011-08-17 00:26 - 00613888 _____ (Microsoft Corporation) C:\windows\system32\psisdecd.dll
2017-04-14 16:39 - 2011-08-17 00:25 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\psisrndr.ax
2017-04-14 16:39 - 2011-08-16 23:24 - 00465408 _____ (Microsoft Corporation) C:\windows\SysWOW64\psisdecd.dll
2017-04-14 16:39 - 2011-08-16 23:19 - 00075776 _____ (Microsoft Corporation) C:\windows\SysWOW64\psisrndr.ax
2017-04-14 16:39 - 2011-06-16 00:49 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\xmllite.dll
2017-04-14 16:39 - 2011-06-15 23:33 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\xmllite.dll
2017-04-14 16:39 - 2010-12-23 05:42 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\sbe.dll
2017-04-14 16:39 - 2010-12-23 05:36 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2017-04-14 16:39 - 2010-12-23 00:54 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\sbe.dll
2017-04-14 16:39 - 2010-12-23 00:50 - 00199680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2017-04-14 16:38 - 2016-07-07 10:36 - 01896168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-04-14 16:38 - 2016-07-07 10:36 - 00377576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2017-04-14 16:38 - 2016-07-07 10:36 - 00287976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-04-14 16:38 - 2016-07-07 10:08 - 00046080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2017-04-14 16:38 - 2016-03-09 13:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2017-04-14 16:38 - 2016-03-09 13:34 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2017-04-14 16:38 - 2016-02-04 20:19 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2017-04-14 16:38 - 2016-02-04 13:41 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2017-04-14 16:38 - 2016-01-11 14:11 - 01684416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-04-14 16:38 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2017-04-14 16:38 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2017-04-14 16:38 - 2015-11-13 18:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2017-04-14 16:38 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2017-04-14 16:38 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2017-04-14 16:38 - 2015-11-13 17:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2017-04-14 16:38 - 2015-10-13 11:41 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2017-04-14 16:38 - 2015-10-13 11:40 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-04-14 16:38 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2017-04-14 16:38 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2017-04-14 16:38 - 2015-07-09 12:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2017-04-14 16:38 - 2015-01-28 22:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2017-04-14 16:38 - 2015-01-28 22:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2017-04-14 16:38 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2017-04-14 16:38 - 2014-12-11 12:47 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2017-04-14 16:38 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2017-04-14 16:38 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2017-04-14 16:38 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2017-04-14 16:38 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2017-04-14 16:38 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2017-04-14 16:38 - 2012-07-04 15:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys
2017-04-14 16:38 - 2012-03-17 02:58 - 00075120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys
2017-04-14 16:38 - 2011-03-03 01:24 - 00357888 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2017-04-14 16:38 - 2011-03-03 01:24 - 00183296 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2017-04-14 16:38 - 2011-03-03 01:21 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\dnscacheugc.exe
2017-04-14 16:38 - 2011-03-03 00:38 - 00270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2017-04-14 16:38 - 2011-03-03 00:36 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnscacheugc.exe
2017-04-14 16:37 - 2016-05-11 12:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2017-04-14 16:37 - 2016-05-11 10:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2017-04-14 16:37 - 2015-11-05 14:05 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wshrm.dll
2017-04-14 16:37 - 2015-11-05 14:02 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshrm.dll
2017-04-14 16:37 - 2015-11-05 04:53 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2017-04-14 16:37 - 2015-11-03 14:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2017-04-14 16:37 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2017-04-14 16:37 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2017-04-14 16:37 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2017-04-14 16:37 - 2011-12-30 01:26 - 00515584 _____ (Microsoft Corporation) C:\windows\system32\timedate.cpl
2017-04-14 16:37 - 2011-12-30 00:27 - 00478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\timedate.cpl
2017-04-14 16:10 - 2015-03-03 23:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2017-04-14 16:10 - 2015-03-03 23:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2017-04-14 15:56 - 2017-04-14 15:56 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-05 23:41 - 2017-04-05 23:42 - 302321388 _____ C:\Users\Kenny\Downloads\MD 500 Start up, flight, and shut down (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 23:31 - 2017-04-05 23:31 - 12467357 _____ C:\Users\Kenny\Downloads\MD 500 Start up, flight, and shut down (192kbit_AAC).m4a
2017-04-05 23:30 - 2017-04-05 23:30 - 00000068 _____ C:\Users\Kenny\Downloads\MD 500 Start up, flight, and shut down (Description).txt
2017-04-05 22:55 - 2017-04-05 22:55 - 67769383 _____ C:\Users\Kenny\Downloads\Panama City Beach Helicopter Tour (480p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:51 - 2017-04-05 22:51 - 11271280 _____ C:\Users\Kenny\Downloads\Panama City Beach and Shell Island Heli Ride (152kbit_Opus).ogg
2017-04-05 22:50 - 2017-04-05 22:50 - 08342733 _____ C:\Users\Kenny\Downloads\Panama City Beach Helicopter Tour (128kbit_AAC).m4a
2017-04-05 22:50 - 2017-04-05 22:50 - 07782289 _____ C:\Users\Kenny\Downloads\Helicopter ride - Panama City Beach Florida (192kbit_AAC).m4a
2017-04-05 22:49 - 2017-04-05 22:49 - 00000111 _____ C:\Users\Kenny\Downloads\Panama City Beach Helicopter Tour (Description).txt
2017-04-05 22:48 - 2017-04-05 22:50 - 166914741 _____ C:\Users\Kenny\Downloads\Panama City Beach and Shell Island Heli Ride (720p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:48 - 2017-04-05 22:49 - 109776105 _____ C:\Users\Kenny\Downloads\Helicopter ride - Panama City Beach Florida (720p_30fps_H264-192kbit_AAC).mp4
2017-04-05 22:48 - 2017-04-05 22:48 - 00000099 _____ C:\Users\Kenny\Downloads\Panama City Beach and Shell Island Heli Ride (Description).txt
2017-04-05 22:48 - 2017-04-05 22:48 - 00000099 _____ C:\Users\Kenny\Downloads\Helicopter ride - Panama City Beach Florida (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 22397676 _____ C:\Users\Kenny\Downloads\Time Vortex V2 - Free FX_Stuff (1080p_25fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 02674695 _____ C:\Users\Kenny\Downloads\old film look dirty lenses - HD overlay (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 02669174 _____ C:\Users\Kenny\Downloads\colored old film look with scratches - HD overlay (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 02630944 _____ C:\Users\Kenny\Downloads\Space Time Vortex loop (720p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 01692670 _____ C:\Users\Kenny\Downloads\flickering simple old film look - HD overlay (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 00953909 _____ C:\Users\Kenny\Downloads\Time Vortex V2 - Free FX_Stuff (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00346925 _____ C:\Users\Kenny\Downloads\Lens Flare Flash Transition - Free Overlay Stock Footage (720p_30fps_H264-192kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 00146128 _____ C:\Users\Kenny\Downloads\Space Time Vortex loop (128kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00080545 _____ C:\Users\Kenny\Downloads\flickering simple old film look - HD overlay (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00080540 _____ C:\Users\Kenny\Downloads\old film look dirty lenses - HD overlay (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00080181 _____ C:\Users\Kenny\Downloads\colored old film look with scratches - HD overlay (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00041119 _____ C:\Users\Kenny\Downloads\Lens Flare Flash Transition - Free Overlay Stock Footage (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00001126 _____ C:\Users\Kenny\Downloads\colored old film look with scratches - HD overlay (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00001120 _____ C:\Users\Kenny\Downloads\flickering simple old film look - HD overlay (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000985 _____ C:\Users\Kenny\Downloads\old film look dirty lenses - HD overlay (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000196 _____ C:\Users\Kenny\Downloads\Space Time Vortex loop (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000152 _____ C:\Users\Kenny\Downloads\Time Vortex V2 - Free FX_Stuff (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000115 _____ C:\Users\Kenny\Downloads\Lens Flare Flash Transition - Free Overlay Stock Footage (Description).txt
2017-04-05 22:23 - 2017-04-05 22:23 - 121397723 _____ C:\Users\Kenny\Downloads\Hey Joe 70yo Czech Rocker.mp4
2017-04-05 21:31 - 2017-04-05 21:31 - 00000000 ____D C:\Users\Kenny\Documents\Screencast-O-Matic
2017-04-03 14:37 - 2017-04-03 14:42 - 00000000 ____D C:\Users\Kenny\Downloads\Corel_DRAW_X5_Portable
2017-04-03 14:37 - 2017-04-03 14:37 - 00000000 ____D C:\windows\XSxS
2017-04-03 14:33 - 2017-04-03 14:35 - 219384929 _____ C:\Users\Kenny\Downloads\Corel_DRAW_X5_Portable.rar
2017-04-02 23:02 - 2017-04-02 23:02 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Video File Converter.lnk
2017-04-02 23:02 - 2017-04-02 23:02 - 00001106 _____ C:\Users\Public\Desktop\Prism Video File Converter.lnk
2017-04-02 20:54 - 2017-04-02 20:54 - 00262144 _____ C:\windows\Minidump\040217-28282-01.dmp
2017-04-02 20:44 - 2017-04-02 20:44 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2017-04-02 20:40 - 2017-04-02 20:40 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2017-04-02 20:40 - 2017-04-02 20:40 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2017-04-02 20:34 - 2017-04-02 20:34 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2017-04-02 20:32 - 2017-04-02 20:32 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2017-04-02 20:32 - 2017-04-02 20:32 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2017-04-02 20:32 - 2017-04-02 20:32 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2017-04-02 20:32 - 2017-04-02 20:32 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00000003 _____ C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2017-04-02 20:28 - 2017-04-02 20:28 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2017-04-02 20:28 - 2017-04-02 20:28 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2017-04-02 20:28 - 2017-04-02 20:28 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2017-04-02 20:28 - 2017-04-02 20:28 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2017-04-02 20:19 - 2017-04-02 21:03 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\LflhvyQg
2017-04-02 20:19 - 2017-04-02 20:19 - 02710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\ZLIBXTl.exe
2017-04-02 20:19 - 2017-04-02 20:19 - 00129536 _____ C:\Users\Kenny\AppData\Roaming\jhProtominer.exe
2017-04-02 20:17 - 2014-02-18 15:33 - 02710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\Lil.Gaping.Lesbians.3.XXX.1080p.WEBRiP.x264-TBP.exe
2017-04-02 20:06 - 2017-04-02 20:06 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2017-04-02 20:06 - 2017-04-02 20:06 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2017-04-02 19:56 - 2017-04-02 19:56 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2017-04-02 19:55 - 2017-04-02 19:55 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2017-04-02 19:55 - 2017-04-02 19:55 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2017-04-02 19:55 - 2017-04-02 19:55 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2017-04-02 19:55 - 2017-04-02 19:55 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2017-04-02 19:55 - 2017-04-02 19:55 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2017-04-02 19:54 - 2017-04-02 19:54 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-04-02 19:54 - 2017-04-02 19:54 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-04-02 19:53 - 2017-04-02 19:53 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2017-04-02 19:53 - 2017-04-02 19:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2017-04-02 19:43 - 2017-04-02 19:43 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2017-04-02 19:42 - 2017-04-02 19:42 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2017-04-02 19:42 - 2017-04-02 19:42 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2017-04-02 19:41 - 2017-04-02 19:41 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2017-04-02 19:40 - 2017-04-02 19:40 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2017-04-02 19:40 - 2017-04-02 19:40 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2017-04-02 19:40 - 2017-04-02 19:40 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2017-04-02 19:40 - 2017-04-02 19:40 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2017-04-02 19:40 - 2017-04-02 19:40 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2017-04-02 19:39 - 2017-04-02 19:39 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2017-04-02 19:39 - 2017-04-02 19:39 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2017-04-02 19:36 - 2017-04-02 19:36 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2017-04-02 19:36 - 2017-04-02 19:36 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2017-04-02 19:34 - 2017-04-02 19:34 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2017-04-02 19:34 - 2017-04-02 19:34 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
2017-04-02 19:34 - 2017-04-02 19:34 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2017-04-02 19:28 - 2017-04-02 19:28 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2017-04-02 19:28 - 2017-04-02 19:28 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2017-04-02 19:28 - 2017-04-02 19:28 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll
2017-04-02 19:28 - 2017-04-02 19:28 - 00000003 _____ C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2017-04-02 19:27 - 2017-04-02 19:27 - 00109824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2017-04-02 19:27 - 2017-04-02 19:27 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00384000 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2017-04-02 19:26 - 2017-04-02 19:26 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbGD.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00016896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-04-02 19:22 - 2017-04-02 19:22 - 01192448 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2017-04-02 19:22 - 2017-04-02 19:22 - 00903168 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2017-04-02 19:22 - 2017-04-02 19:22 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll
2017-04-02 19:22 - 2017-04-02 19:22 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll
2017-04-02 19:10 - 2017-04-02 19:10 - 02565632 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2017-04-02 19:10 - 2017-04-02 19:10 - 01699328 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2017-04-02 19:10 - 2017-04-02 19:10 - 00410496 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorV.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00166272 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvstor.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00148352 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvraid.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00107904 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdsata.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\fsutil.exe
2017-04-02 19:10 - 2017-04-02 19:10 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\fsutil.exe
2017-04-02 19:10 - 2017-04-02 19:10 - 00027008 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdxata.sys
2017-04-02 19:03 - 2017-04-02 19:03 - 43868160 _____ C:\windows\system32\config\COMPONENTS.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 117964800 _____ C:\windows\system32\config\SOFTWARE.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 00323584 _____ C:\windows\system32\config\DEFAULT.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 00028672 _____ C:\windows\system32\config\SECURITY.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 00024576 _____ C:\windows\system32\config\SAM.iobit
2017-04-02 18:49 - 2017-04-02 18:49 - 00262144 _____ C:\windows\Minidump\040217-21824-01.dmp
2017-04-02 18:38 - 2017-04-16 19:08 - 00000000 ____D C:\GetNZB Downloads
2017-04-02 18:37 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\GetNZB
2017-04-02 18:37 - 2017-04-02 18:37 - 00000979 _____ C:\Users\Kenny\Desktop\GetNZB.lnk
2017-04-02 18:37 - 2017-04-02 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetNZB
2017-04-02 18:37 - 2017-04-02 18:37 - 00000000 ____D C:\Program Files (x86)\GetNZB
2017-03-29 19:04 - 2017-03-29 19:04 - 00833024 ____N C:\windows\system32\tprdpw32.exe
2017-03-28 18:22 - 2017-03-28 18:22 - 06113439 _____ (InstallShield Software Corporation) C:\Users\Kenny\Downloads\pci_filerecovery.exe
2017-03-28 18:14 - 2017-03-28 18:14 - 00000000 ____D C:\Program Files\EaseUS
2017-03-28 18:13 - 2017-03-28 18:13 - 16918168 _____ (EaseUS ) C:\Users\Kenny\Downloads\UnDeleteFlashdrives_free.exe
2017-03-24 23:22 - 2017-03-24 21:00 - 03326715 _____ C:\Users\Kenny\Documents\StormyII.wmv
2017-03-24 23:07 - 2017-03-24 21:28 - 04979789 _____ C:\Users\Kenny\Documents\Flounder.wmv
2017-03-24 21:35 - 2017-03-22 22:17 - 00446805 _____ C:\Users\Kenny\Documents\Natives.wmv
2017-03-13 22:43 - 2017-03-13 22:51 - 00000000 ____D C:\Users\Kenny\Downloads\ProShow Producer 8.0.3648 Portable
2017-03-13 22:43 - 2017-03-13 22:43 - 72275142 _____ C:\Users\Kenny\Downloads\ProShow_Producer_8.0.3648_Portable_softarsiv.softarchive.la.rar
2017-03-12 22:05 - 2017-03-12 22:06 - 00000000 ____D C:\Users\Kenny\Downloads\ProShowGold
2017-03-12 17:08 - 2017-03-12 17:08 - 00000000 ____D C:\Program Files (x86)\Photodex
2017-03-12 17:07 - 2017-03-13 17:20 - 00000000 ____D C:\Users\Kenny\Downloads\ProShow Gold 8.0.3648 Portable
2017-03-12 16:55 - 2017-03-12 16:55 - 00000000 ____D C:\windows\Photodex Presenter
2017-03-10 22:02 - 2017-04-02 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
2017-03-10 22:02 - 2017-04-02 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2017-03-10 22:02 - 2017-03-10 22:02 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk
2017-03-10 22:02 - 2017-03-10 22:02 - 00001110 _____ C:\Users\Public\Desktop\Debut Video Capture Software.lnk
2017-03-09 20:38 - 2017-03-09 20:38 - 09742019 _____ C:\Users\Kenny\Downloads\soto6 (7).mov
2017-03-04 18:21 - 2017-03-04 18:22 - 09742019 _____ C:\Users\Kenny\Downloads\soto6 (6).mov
2017-02-28 20:07 - 2017-02-28 20:07 - 09742019 _____ C:\Users\Kenny\Downloads\soto6 (5).mov
2017-02-28 20:04 - 2017-04-14 19:17 - 00003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{1546F1F9-2877-4248-B890-1CDAB19F9F7B}
2017-02-22 22:38 - 2017-02-22 22:38 - 00001848 _____ C:\Users\Public\Desktop\IrfanView 64 Thumbnails.lnk
2017-02-22 22:38 - 2017-02-22 22:38 - 00000974 _____ C:\Users\Public\Desktop\IrfanView 64.lnk
2017-02-22 22:38 - 2017-02-22 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-02-22 22:38 - 2017-02-22 22:38 - 00000000 ____D C:\Program Files\IrfanView
2017-02-22 22:37 - 2017-02-22 22:37 - 03399648 _____ (Irfan Skiljan) C:\Users\Kenny\Downloads\iview444_x64_setup.exe
2017-02-22 22:36 - 2017-02-22 22:36 - 02158040 _____ (Irfan Skiljan) C:\Users\Kenny\Downloads\iview444_setup (7).exe
2017-02-21 16:32 - 2017-02-21 16:32 - 09742019 _____ C:\Users\Kenny\Downloads\soto6 (4).mov
2017-02-21 16:32 - 2017-02-21 16:32 - 02158040 _____ (Irfan Skiljan) C:\Users\Kenny\Downloads\iview444_setup (6).exe
2017-02-19 19:25 - 2017-02-19 19:25 - 02158040 _____ (Irfan Skiljan) C:\Users\Kenny\Downloads\iview444_setup (5).exe
2017-02-19 19:24 - 2017-02-19 19:25 - 09742019 _____ C:\Users\Kenny\Downloads\soto6 (3).mov
2017-02-19 15:47 - 2017-02-19 15:47 - 04565998 _____ C:\Users\Kenny\Downloads\Facebook Insights Data Export - Bay County Historical Society - 2017-02-19.xls
2017-02-19 14:32 - 2017-02-19 14:32 - 00066249 _____ C:\Users\Kenny\Downloads\REDD KENNETH & MARGARITA 8879 2016.pdf
2017-02-19 13:02 - 2017-02-19 13:02 - 02158040 _____ (Irfan Skiljan) C:\Users\Kenny\Downloads\iview444_setup (4).exe
2017-02-19 13:01 - 2017-02-19 13:01 - 09742019 _____ C:\Users\Kenny\Downloads\soto6 (2).mov
2017-02-19 11:31 - 2017-02-19 11:31 - 09742019 _____ C:\Users\Kenny\Downloads\soto6 (1).mov
2017-02-16 19:02 - 2017-02-16 19:02 - 09742019 _____ C:\Users\Kenny\Downloads\soto6.mov
2017-02-16 19:01 - 2017-02-16 19:01 - 07120717 _____ C:\Users\Kenny\Downloads\soto2.mov
2017-02-16 18:04 - 2017-02-16 18:04 - 02158040 _____ (Irfan Skiljan) C:\Users\Kenny\Downloads\iview444_setup (3).exe
2017-02-10 20:39 - 2017-03-16 16:57 - 00000000 ____D C:\OPCB
2017-02-10 18:28 - 2017-04-09 19:15 - 00000000 ____D C:\BCHS
2017-02-09 00:02 - 2017-02-09 00:02 - 00002144 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-09 00:02 - 2017-02-09 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-08 20:56 - 2017-02-08 20:57 - 00001609 _____ C:\Users\Kenny\Downloads\product_template-31d1883c0cb7333ccb855b9b6aae06674ab3553740a057959911c18d7853e84b.csv
2017-02-08 18:36 - 2017-02-08 18:51 - 00000000 ____D C:\Users\Kenny\Documents\honestech TVR
2017-02-08 18:33 - 2017-02-08 18:33 - 00002147 _____ C:\Users\Public\Desktop\honestech TVR 2.5.lnk
2017-02-08 18:33 - 2017-02-08 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech TVR 2.5
2017-02-08 18:31 - 2017-02-08 18:32 - 00000000 ____D C:\Program Files (x86)\Fushicai VIDEO DVR
2017-02-07 21:35 - 2017-02-07 21:35 - 07429731 _____ C:\Users\Kenny\Downloads\easycap-sm-usb007.zip
2017-02-07 21:21 - 2017-02-07 21:48 - 00000000 ____D C:\EasyCap
2017-02-07 21:18 - 2017-02-07 21:18 - 00000000 ____D C:\Users\Kenny\Downloads\Easycap Drivers for Windows 7
2017-02-07 20:45 - 2017-02-07 20:45 - 04087568 _____ (NCH Software) C:\Users\Kenny\Downloads\gvsetup (1).exe
2017-02-07 20:42 - 2017-02-07 20:42 - 00001342 _____ C:\Users\Public\Desktop\NCH Suite.lnk
2017-02-07 20:42 - 2017-02-07 20:42 - 00001212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Golden Videos VHS to DVD Converter.lnk
2017-02-07 20:42 - 2017-02-07 20:42 - 00001200 _____ C:\Users\Public\Desktop\Golden Videos VHS to DVD Converter.lnk
2017-02-07 20:41 - 2017-02-07 20:41 - 04087568 _____ (NCH Software) C:\Users\Kenny\Downloads\gvsetup.exe
2017-02-07 18:47 - 2017-02-07 18:47 - 25810944 _____ C:\Users\Kenny\Downloads\Florida Greetings Postcards Part One (1).pps
2017-02-07 18:42 - 2017-02-07 18:42 - 25815040 _____ C:\Users\Kenny\Downloads\Florida Greetings Postcards Part One.pps
2017-02-07 18:40 - 2017-02-07 18:40 - 03852288 _____ C:\Users\Kenny\Downloads\More Panama City Photos.pps
2017-02-07 18:38 - 2017-02-07 18:38 - 03061248 _____ C:\Users\Kenny\Downloads\The Monster Mash - 2013.pps
2017-02-07 18:34 - 2017-02-07 18:34 - 05222400 _____ C:\Users\Kenny\Downloads\Even More Panama City Beach.pps
2017-02-07 18:22 - 2017-02-07 18:22 - 04951552 _____ C:\Users\Kenny\Downloads\Another Group Of Panama City Beach Photos.pps
2017-02-07 17:43 - 2017-02-08 18:36 - 00000000 ____D C:\Users\Kenny\Documents\honestech TVR2.5
2017-02-07 17:43 - 2017-02-07 17:43 - 00000000 ____D C:\Program Files (x86)\honestech
2017-02-07 17:42 - 2017-02-07 17:42 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2017-02-07 17:41 - 2011-06-08 18:22 - 00268416 _____ ( ) C:\windows\system32\Drivers\OEMDrv.sys
2017-02-06 18:36 - 2017-02-06 18:36 - 02158040 _____ (Irfan Skiljan) C:\Users\Kenny\Downloads\iview444_setup.exe
2017-02-06 18:36 - 2017-02-06 18:36 - 02158040 _____ (Irfan Skiljan) C:\Users\Kenny\Downloads\iview444_setup (2).exe
2017-02-06 18:36 - 2017-02-06 18:36 - 02158040 _____ (Irfan Skiljan) C:\Users\Kenny\Downloads\iview444_setup (1).exe
2017-02-05 23:30 - 2017-02-08 18:22 - 00000000 ____D C:\Folder for BillHudson
2017-02-05 13:26 - 2017-03-05 15:35 - 00000000 ____D C:\Printful Central
2017-02-04 02:24 - 2017-02-04 02:24 - 10669879 _____ C:\Users\Kenny\Downloads\Represent+(Press+Kit).zip
2017-02-03 18:26 - 2017-02-03 18:27 - 07131775 _____ C:\Users\Kenny\Downloads\Threads_Not_Dead_Jeff_Finley(www.ebook-dl.com).zip
2017-02-02 00:24 - 2017-02-02 00:24 - 00302883 _____ C:\Users\Kenny\Downloads\Form1095a_2016.pdf
2017-02-02 00:22 - 2017-02-02 00:22 - 00187266 _____ C:\Users\Kenny\Downloads\Form1095a (2).pdf
2017-02-01 22:27 - 2017-02-01 22:27 - 00029108 _____ C:\Users\Kenny\Downloads\1099-MISC_from_Home_Buyers_Worldwide_LLC.pdf
2017-01-30 23:44 - 2017-04-16 14:59 - 00000000 ____D C:\HSBC
2017-01-30 23:33 - 2017-01-30 23:34 - 07131775 _____ C:\Users\Kenny\Downloads\Threads_Not_Dead_Jeff_Finley(www.ebook-dl.com) (1).zip
2017-01-30 17:26 - 2017-01-30 17:28 - 00000000 ____D C:\Users\Kenny\Documents\HSBC
2017-01-28 12:14 - 2017-01-28 12:14 - 00000211 ____H C:\Users\Kenny\.swfinfo

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-25 21:38 - 2015-06-21 17:34 - 00000918 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA.job
2017-04-25 21:28 - 2009-07-13 23:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-25 21:28 - 2009-07-13 23:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-25 21:21 - 2009-07-14 00:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-04-25 21:20 - 2016-10-02 12:25 - 00000248 _____ C:\windows\SysWOW64\PARTIZAN.TXT
2017-04-23 17:38 - 2015-06-21 17:34 - 00000866 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core.job
2017-04-23 15:20 - 2012-07-02 15:29 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\vlc
2017-04-23 14:05 - 2009-07-13 22:20 - 00000000 ____D C:\windows\rescache
2017-04-17 22:02 - 2016-10-02 12:21 - 00000000 ____D C:\@RestoreQuarantine
2017-04-17 21:59 - 2016-10-02 12:07 - 00000000 ____D C:\ProgramData\RegRun
2017-04-17 21:58 - 2016-10-02 12:07 - 00000000 ____D C:\Users\Kenny\Documents\RegRun2
2017-04-17 21:27 - 2016-02-20 10:47 - 488997878 _____ C:\windows\MEMORY.DMP
2017-04-17 21:27 - 2013-01-13 21:54 - 00000000 ____D C:\windows\Minidump
2017-04-16 23:21 - 2016-10-02 12:07 - 00000002 RSHOT C:\windows\winstart.bat
2017-04-16 23:21 - 2016-10-02 12:07 - 00000002 RSHOT C:\windows\SysWOW64\CONFIG.NT
2017-04-16 23:21 - 2016-10-02 12:07 - 00000002 RSHOT C:\windows\SysWOW64\AUTOEXEC.NT
2017-04-16 23:01 - 2017-01-01 23:27 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2017-04-16 21:14 - 2016-01-17 22:22 - 00196608 _____ C:\windows\system32\Ikeext.etl
2017-04-16 21:14 - 2013-06-05 19:57 - 00000000 ____D C:\windows\pss
2017-04-16 20:44 - 2015-12-26 21:55 - 05659609 _____ (Swearware) C:\Users\Kenny\Downloads\ComboFix.exe
2017-04-16 20:40 - 2009-07-14 00:13 - 00786538 _____ C:\windows\system32\PerfStringBackup.INI
2017-04-16 20:40 - 2009-07-13 22:20 - 00000000 ____D C:\windows\inf
2017-04-16 20:03 - 2016-01-31 12:09 - 00003124 _____ C:\windows\System32\Tasks\{6618530A-560B-4136-82EB-2E8979DE6D95}
2017-04-16 20:03 - 2014-01-27 15:04 - 00003154 _____ C:\windows\System32\Tasks\{99F84928-9C99-4DFE-94A4-FB79570C1AE2}
2017-04-16 20:03 - 2014-01-27 15:03 - 00003166 _____ C:\windows\System32\Tasks\{048B4976-5B81-48B3-A6F2-91FC9C6269E5}
2017-04-16 20:03 - 2013-06-05 21:38 - 00003220 _____ C:\windows\System32\Tasks\{1CC3D729-422B-4EE8-8348-80E3433E63E2}
2017-04-16 20:03 - 2013-04-08 21:02 - 00003086 _____ C:\windows\System32\Tasks\{D4C2A86B-4FC4-4678-98F7-EE4CE217B530}
2017-04-16 20:03 - 2012-08-04 10:16 - 00003340 _____ C:\windows\System32\Tasks\{142C1CAB-A67B-4FA3-B351-446F55D67809}
2017-04-16 20:03 - 2012-07-07 14:58 - 00003122 _____ C:\windows\System32\Tasks\{BE62F7AB-7315-4EA5-A56A-16A7E99FAD93}
2017-04-16 20:02 - 2016-10-18 14:55 - 00003318 _____ C:\windows\System32\Tasks\CorelUpdateHelperTaskCore
2017-04-16 19:55 - 2014-09-23 16:42 - 00000000 ___RD C:\Users\Kenny\Dropbox
2017-04-16 14:07 - 2009-07-13 22:20 - 00000000 ____D C:\windows\tracing
2017-04-16 10:59 - 2014-05-26 20:13 - 00000000 ____D C:\Users\Kenny\AppData\Local\JDownloader v2.0
2017-04-16 10:58 - 2009-07-13 22:20 - 00000000 ____D C:\windows\AppCompat
2017-04-16 10:50 - 2016-11-23 13:14 - 00000000 ____D C:\Users\Kenny\AppData\LocalLow\Mozilla
2017-04-15 14:43 - 2015-03-05 14:30 - 00000000 ____D C:\Users\Kenny\AppData\LocalLow\LastPass
2017-04-14 19:53 - 2015-06-21 17:34 - 00000000 ____D C:\Users\Kenny\AppData\Local\Dropbox
2017-04-14 19:51 - 2012-06-23 22:40 - 00001413 _____ C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-14 19:41 - 2011-02-12 14:33 - 00000000 ____D C:\windows\Panther
2017-04-14 19:39 - 2009-07-13 23:45 - 05372656 _____ C:\windows\system32\FNTCACHE.DAT
2017-04-14 19:31 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\SysWOW64\Dism
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\Dism
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\PolicyDefinitions
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2017-04-14 18:20 - 2012-06-27 09:21 - 00778660 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2017-04-14 15:57 - 2014-09-23 16:37 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Dropbox
2017-04-14 15:52 - 2015-05-22 06:31 - 00032650 _____ C:\windows\Tasks\SCHEDLGU.TXT
2017-04-12 20:42 - 2012-06-24 00:38 - 00194848 _____ C:\Users\Kenny\AppData\Local\GDIPFONTCACHEV1.DAT
2017-04-10 21:00 - 2014-05-08 13:46 - 00003330 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf6aedda28f2f2
2017-04-10 21:00 - 2013-07-09 11:25 - 00003202 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore1ce7cc0e6462ed3
2017-04-10 15:00 - 2016-01-31 17:43 - 00000000 ____D C:\ProgramData\ProductData
2017-04-09 23:02 - 2013-06-02 16:52 - 00000000 ____D C:\windows\System32\Tasks\NCH Software
2017-04-09 19:59 - 2012-06-27 09:31 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-04-09 12:45 - 2013-04-10 21:34 - 00000000 ____D C:\ProgramData\ESET
2017-04-09 12:45 - 2013-04-10 21:34 - 00000000 ____D C:\Program Files\ESET
2017-04-08 11:34 - 2017-01-02 00:04 - 00002096 _____ C:\Users\Kenny\Desktop\Advanced SystemCare 10.lnk
2017-04-03 23:34 - 2013-01-31 23:31 - 00000000 ____D C:\Art
2017-04-02 20:55 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-02 20:55 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-30 19:40 - 2012-07-02 15:23 - 00091136 _____ C:\Users\Kenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-29 15:32 - 2012-12-28 11:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-28 18:23 - 2011-04-26 21:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-28 15:27 - 2016-11-18 16:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Files in the root of some directories =======

2015-05-30 21:45 - 2007-03-31 16:34 - 129165278 _____ (Corel Corporation) C:\Program Files\CorelDRW.exe
2012-10-08 21:43 - 2012-10-08 21:43 - 62664192 _____ () C:\Program Files\eset_nt64_enu.msi
2016-05-05 18:51 - 2016-05-05 18:51 - 1505408 _____ (Skype Technologies S.A.) C:\Program Files\SkypeSetup.exe
2015-03-05 14:30 - 2015-03-05 14:30 - 14242360 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-07-24 17:09 - 2016-07-24 17:09 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2014-03-13 08:30 - 2017-02-19 14:47 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe BMP Format CS5 Prefs
2013-12-15 12:42 - 2013-12-15 12:42 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-07-01 22:54 - 2017-03-25 16:52 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-04-02 20:19 - 2017-04-02 20:19 - 0129536 _____ () C:\Users\Kenny\AppData\Roaming\jhProtominer.exe
2017-04-02 20:17 - 2014-02-18 15:33 - 2710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\Lil.Gaping.Lesbians.3.XXX.1080p.WEBRiP.x264-TBP.exe
2012-08-10 16:12 - 2012-08-10 16:40 - 0557056 _____ () C:\Users\Kenny\AppData\Roaming\SharedSettings.ccs
2017-04-02 20:19 - 2017-04-02 20:19 - 2710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\ZLIBXTl.exe
2012-07-02 15:23 - 2017-03-30 19:40 - 0091136 _____ () C:\Users\Kenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-03 20:56 - 2013-10-03 20:56 - 0000026 ____H () C:\ProgramData\.811261211181235583101118113995
2014-02-04 23:17 - 2016-10-02 12:33 - 0007289 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
2017-04-09 19:17 - 2012-08-30 18:19 - 4327024 _____ (Foxit Corporation) C:\Users\Kenny\AppData\Local\Temp\Foxit Updater.exe
2017-04-03 13:53 - 2017-04-03 13:53 - 0126976 __RSH () C:\Users\Kenny\AppData\Local\Temp\intel.exe
2017-04-16 10:57 - 2017-04-16 10:57 - 0040448 ____N () C:\Users\Kenny\AppData\Local\Temp\proxy_vole1100576980623147388.dll
2017-04-16 10:59 - 2017-04-16 10:59 - 0040448 ____N () C:\Users\Kenny\AppData\Local\Temp\proxy_vole3758753963961335315.dll
2017-04-16 10:59 - 2017-04-16 10:59 - 0040448 _____ () C:\Users\Kenny\AppData\Local\Temp\proxy_vole825817276371365189.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-23 13:57

==================== End of FRST.txt ============================



#10 Ragnarviking

Ragnarviking
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 26 April 2017 - 11:56 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2017
Ran by Kenny (25-04-2017 21:51:39)
Running from H:\Antivirus
Windows 7 Home Premium Service Pack 1 (X64) (2012-06-24 03:39:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1182291490-1180826050-772089516-500 - Administrator - Disabled)
Guest (S-1-5-21-1182291490-1180826050-772089516-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1182291490-1180826050-772089516-1003 - Limited - Enabled)
Kenny (S-1-5-21-1182291490-1180826050-772089516-1001 - Administrator - Enabled) => C:\Users\Kenny

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3dsMaxDesign2015_SP2 3dsMaxDesign2015_SP2 (HKLM-x32\...\3dsMaxDesign2015_SP2 3dsMaxDesign2015_SP2) (Version: 3dsMaxDesign2015_SP2 - 3dsMaxDesign2015_SP2)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Advanced SystemCare PRO v10.0.3.620 1.00 (HKLM-x32\...\Advanced SystemCare PRO v10.0.3.620 1.00) (Version: 1.00 - IOBit)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk)
Autodesk 3ds Max Design 2015 (HKLM\...\Autodesk 3ds Max Design 2015) (Version: 17.0.630.0 - Autodesk)
Autodesk 3ds Max Design 2015 (Version: 17.0.630.0 - Autodesk) Hidden
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk)
Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max Design 2015 64-bit (HKLM\...\{1C4FFAF0-5DBB-4F7A-A386-46747D060826}) (Version: 17.0.0.0 - Autodesk)
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk Inventor Server Engine for 3ds Max Design 2015 (HKLM\...\{D7DEFF4A-BB64-48CC-81AB-845BA62D6032}) (Version: 17.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden
Best Buy pc app (x32 Version: 3.2.0.0 - Best Buy) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C5100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c5100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{8616305F-122C-4341-9C37-47A9CD322AB2}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.3.1114 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 17.1.572 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Capture (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Common (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Common Apps (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Connect (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Core (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Custom Data (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Designer (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Draw (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - EN (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Filters (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - FontNav (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - IPM (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - IPM Content (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - IPM Lattice (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - PHOTO-PAINT (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Photozoom Plugin (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Redist (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Setup Files (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VBA (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VideoBrowser (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VSTA (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Writing Tools (x64) (Version: 16.4 -  Corel Corporation) Hidden
CorelDRAW Technical Suite X6 (64-Bit) (HKLM\...\_{E2FC299D-38D5-424F-BAB8-D24E07A3A58A}) (Version: 16.3.0.1114 - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 3.01 - NCH Software)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Document Capture Pro (HKLM-x32\...\{C3C7DD77-6034-48A4-BE26-7F10F7357228}) (Version: 1.00.0004 - Seiko Epson Corporation)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Dropbox (HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Dropbox) (Version: 23.4.19 - Dropbox, Inc.)
EasyLog USB (HKLM-x32\...\{073136C3-4A9F-4300-BDEA-8BB3FFD66962}) (Version: 7.2.0 - Lascar Electronics Ltd.)
EasyLog USB Device (Driver Removal) (HKLM-x32\...\EL-USB&10C4&0002) (Version:  - Lascar Electronics Ltd.)
Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 1.30.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.00.0000 - SEIKO EPSON Corp.)
EPSON WorkForce DS-30 Scanner Driver Update (HKLM-x32\...\{7F75CDB7-4F59-409E-9704-792214A262F8}) (Version:  - )
ESET NOD32 Antivirus (HKLM\...\{1ECE2323-0C41-412D-B7EF-1997F810C439}) (Version: 10.0.390.0 - ESET, spol. s r.o.)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileFinder (HKLM-x32\...\FileFinder) (Version: 1.0.1 - Webitar Production Inc.)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.5.124 - Foxit Corporation)
Fushicai VIDEO DVR (HKLM-x32\...\{989BAFE8-E777-43D7-9749-9810E0E9FF48}) (Version: 2013.5.6 - Fushicai)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.0.1.1 - Genesys Logic)
GetNZB version 1.404 (HKLM-x32\...\GetNZB_is1) (Version: 1.404 - )
Golden Videos VHS to DVD Converter (HKLM-x32\...\GoldenVideos) (Version: 3.04 - NCH Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{5BAA8884-F661-464B-B5B2-5C6C632BFC21}) (Version: 7.1.4.1529 - Google)
Google Image Downloader v1.0 (HKLM-x32\...\{E6097F72-3D12-4ACF-8868-3C938DA36AB8}) (Version: 1.1.0 - Google Image Downloader)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
honestechTVR2.5 (HKLM-x32\...\{ABADD11D-1B48-4F23-BEBA-6B22CE8F5E58}) (Version: 2.5 - honestech)
honestechTVR2.5 (x32 Version: 2.5 - honestech) Hidden
HostsMan 4.6.103 (HKLM-x32\...\{1A3DD1A9-7B7B-4ECA-AD2F-98466F49F62C}_is1) (Version: 4.6.103.0 - abelhadigital.com)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2246 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.4.0.125 - IObit)
IPM_Common_x64 (Version: 2.3 - Your Company Name) Hidden
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junior Icon Editor (HKLM-x32\...\Junior Icon Editor) (Version: 4.33 - SibCode)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kestrel Communicator (HKLM-x32\...\{B8FAE663-DCC4-40E3-966D-4AE5B181769C}) (Version: 2.1.1 - Nielsen-Kellerman)
Kodi (HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Kodi) (Version:  - XBMC-Foundation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Magic ISO Maker v5.3 (build 0229) (HKLM-x32\...\Magic ISO Maker v5.3 (build 0229)) (Version:  - )
Malwarebytes Anti-Malware version 1.65.0.1400 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.65.0.1400 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 52.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 en-US)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero BurningROM 12 (HKLM-x32\...\{DCF34348-8673-4E60-97E5-1CBC0D7293AC}) (Version: 12.5.01100 - Nero AG)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.18.00 - NETGEAR Inc.)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
Online Application Installer (x32 Version: 2.0.0 - Microleaves) Hidden <==== ATTENTION
Opera Stable 27.0.1689.66 (HKLM-x32\...\Opera 27.0.1689.66) (Version: 27.0.1689.66 - Opera Software ASA)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
ParticleShop - Core (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM Content (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\_{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3.0.570 - Corel Corporation)
ParticleShop (Version: 1.3 - Corel Corporation) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version:  - Photodex Corporation)
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 3.31 - NCH Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.63 - NCH Software)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version:  - Photodex Corporation)
ProShow Producer version 8.0.3648 (HKLM-x32\...\{5FFCED89-D154-462E-B9EB-9A8D26A7C027}_is1) (Version: 8.0.3648 - Photodex)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6230 - Realtek Semiconductor Corp.)
Runtime VS2005 SP1 CRT 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 MFC 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 All 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 CRT 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 CRT 762 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 MFC 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 OpenMP 762 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2008 CRT 1 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2008 x64 CRT 1 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony Noise Reduction Plug-In 2.0e (HKLM-x32\...\{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}) (Version: 2.0.444 - Sony)
Sony Sound Forge 9.0 (HKLM-x32\...\{6842DCCB-2840-4E46-8AF3-BEA9CFF3455B}) (Version: 9.0.297 - Sony)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version:  - )
UnHackMe 8.00 (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 12.2.17 - )
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.30 - NCH Software)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VSDC Free Video Editor version 3.3.5.411 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 3.3.5.411 - Flash-Integro LLC)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.33 - NCH Software)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - Graphics Tablet (WinUsb) USBDevice  (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wireless USB WinDrivers (HKLM-x32\...\InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}) (Version: 14.2.77.6 - IOGEAR)
Wireless USB WinDrivers (Version: 14.2.77.6 - IOGEAR) Hidden
XVL Player / XVL Player Pro (Ver. 9 or later) 64-bit Edition (HKLM-x32\...\{936575FE-E49B-4CE9-9934-0329727476C8}) (Version: 12.1a - Lattice Technology)
XVL Studio 3D Corel Edition x64 (HKLM-x32\...\{137926AA-703D-4382-81A7-BD30EDAFB6C9}) (Version: 1.0 - Lattice Technology)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kenny\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kenny\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08FD617A-5121-4404-8D0C-7DDAC62B4FB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {09F3B29E-26BD-4E14-9C02-BC1D05B5CF83} - System32\Tasks\Driver Booster SkipUAC (Kenny) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {34840C07-9C36-4FEF-9509-17173B8766FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {378420EA-BC69-43D7-9292-7F62BD0F0A48} - System32\Tasks\Uninstaller_SkipUac_Kenny => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-06-24] (IObit)
Task: {58A3DC5A-FCAB-405F-8D41-1249FBA1E3BB} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {785F9FAA-8BEF-4FB0-88A5-A6F710809BA4} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-08-25] (Corel Corporation)
Task: {798F5CD2-518D-45EB-B0EF-54C961AB18F6} - System32\Tasks\ASC10_SkipUac_Kenny => C:\Program Files (x86)\IObit\Advanced SystemCare 10 PRO\ASC.exe [2016-10-21] (IObit)
Task: {8D371BEF-E4C7-45E0-AEA8-B422A0088D52} - System32\Tasks\{142C1CAB-A67B-4FA3-B351-446F55D67809} => pcalua.exe -a C:\Users\Kenny\Documents\Downloads\complete\Bulk.Image.Downloader.v4.22.0.1-Lz0\setup.exe -d C:\Users\Kenny\Documents\Downloads\complete\Bulk.Image.Downloader.v4.22.0.1-Lz0
Task: {8DCC176C-438F-457E-8B2E-104CEFF63F0B} - System32\Tasks\{6618530A-560B-4136-82EB-2E8979DE6D95} => pcalua.exe -a C:\PROGRA~2\ULTIMA~1\UNWISE.EXE -c C:\PROGRA~2\ULTIMA~1\INST.LOG
Task: {8DF637C4-5338-4042-9DA0-2E593842A5B2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA1cf2aaf76556c70 => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {97B2A286-7586-4A29-9F54-D045B6B40E3B} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7cc0e6462ed3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A28A7D1A-BAFA-4B82-8332-D6B3D47AA83C} - System32\Tasks\{1CC3D729-422B-4EE8-8348-80E3433E63E2} => pcalua.exe -a G:\Hold\Downloads\SolidWorks\2013\Crack\SW2010-2013.Activator.SSQ.exe -d G:\Hold\Downloads\SolidWorks\2013\Crack
Task: {A2DA51AF-80A8-44AF-AD1F-BCB60A540308} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {A67E2D73-4BB3-4F0E-8CC5-848A26731591} - System32\Tasks\Opera scheduled Autoupdate 1425845139 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-02] (Opera Software)
Task: {BA9BED31-1EFC-44BF-BED6-BB00EA6112EA} - System32\Tasks\{048B4976-5B81-48B3-A6F2-91FC9C6269E5} => pcalua.exe -a "C:\Users\Kenny\Downloads\AutodeskDesignRevSetup (1).exe" -d C:\Users\Kenny\Downloads
Task: {BD85579D-AFC2-4AE0-A95A-40A4861CA235} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6aedda28f2f2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {BE8D9B8E-1488-46EF-9BD1-0A49134CB08A} - System32\Tasks\{BE62F7AB-7315-4EA5-A56A-16A7E99FAD93} => pcalua.exe -a C:\Users\Kenny\Documents\Agent7.exe -d C:\Users\Kenny\Documents
Task: {D53CA6E0-39B8-4022-9658-7022EEEB7638} - System32\Tasks\{99F84928-9C99-4DFE-94A4-FB79570C1AE2} => pcalua.exe -a C:\Users\Kenny\Downloads\AutodeskDesignRevSetup.exe -d C:\Users\Kenny\Downloads
Task: {D8A49DAE-36A1-457B-9CE7-A7DC8F1ACDDA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {E18569BF-346B-4BEB-9904-61D8508205EA} - System32\Tasks\{D4C2A86B-4FC4-4678-98F7-EE4CE217B530} => pcalua.exe -a G:\Hold\Nero\NeroPortable.exe -d G:\Hold\Nero
Task: {F70E58AD-CC4D-4465-8258-74AE3F4EBD01} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core.job => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA.job => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core.job => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA1cf2aaf76556c70.job => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\UnHackMe Task Scheduler.job => O:\UnHackMe\hackmon.exe $(Arg0)  Greatis Software, LLC. ?Part of RegRun Suite/UnHackMe software. hxxp:/www.greatis.com
Task: C:\windows\Tasks\User_Feed_Synchronization-{1546F1F9-2877-4248-B890-1CDAB19F9F7B}.job => C:\windows\system32\msfeedssync.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Kenny\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm

==================== Loaded Modules (Whitelisted) ==============

2016-06-30 03:23 - 2016-11-13 18:31 - 00592384 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2014-05-01 14:29 - 2014-05-01 14:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2017-03-29 19:04 - 2017-03-29 19:04 - 00833024 ____N () C:\windows\system32\tprdpw32.exe
2010-11-19 05:22 - 2010-11-11 23:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-08-18 16:38 - 2010-08-18 16:38 - 00055608 _____ () C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\CompInfo.dll
2010-12-20 19:53 - 2010-12-20 19:53 - 00094016 _____ () C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WUSBResource.dll
2011-04-26 22:02 - 2009-07-16 11:20 - 00032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
2011-04-26 22:02 - 2007-12-31 12:27 - 00007168 _____ () C:\Program Files (x86)\jmesoft\VistaVolume.dll
2015-12-02 11:58 - 2015-11-16 13:32 - 00919040 _____ () C:\windows\mod_frst.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:NA9neJm8azOWRQimgVEJ [1984]
AlternateDataStreams: C:\ProgramData\Microsoft:N22G5oeVojqAN0YRATXc4 [2324]
AlternateDataStreams: C:\ProgramData\Microsoft:ScZA6zOFIgdVBGXsFu5qj3 [2088]
AlternateDataStreams: C:\ProgramData\Temp:B755D674 [136]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [226]
AlternateDataStreams: C:\Users\Kenny\Cookies:dbDELzmMFy1QJZSKPtVcBkjxTNbs [2018]
AlternateDataStreams: C:\Users\Kenny\Cookies:UNyxI5x0ybWi460VVi13 [2376]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ESETOlmarikOlmascoCleaner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ESETOlmarikOlmascoCleaner.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2016-10-19 15:27 - 00002047 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
127.0.0.1 www.autodesk.com
127.0.0.1 autodesk.com
127.0.0.1 www.corel.com
127.0.0.1 corel.com
127.0.0.1 www.coreldraw.com
127.0.0.1 coreldraw.com127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobe-dns-5.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 crl.verisign.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 ood.opsource.net
127.0.0.1 ereg.adobe.com
127.0.0.1 ereg.wip.adobe.com
127.0.0.1 ereg.wip1.adobe.com

There are 28 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1182291490-1180826050-772089516-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
bfe => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 3
MSCONFIG\Services: AdAppMgrSvc => 3
MSCONFIG\Services: AdvancedSystemCareService10 => 2
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: aspnet_state => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 3
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: clr_optimization_v2.0.50727_32 => 3
MSCONFIG\Services: clr_optimization_v2.0.50727_64 => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: Dataup =>
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: EpsonScanSvc => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: hpqcxs08 => 3
MSCONFIG\Services: hpqddsvc => 2
MSCONFIG\Services: HPSLPSVC => 2
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 2
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: mi-raysat_3dsmax2015_64 => 3
MSCONFIG\Services: Microsoft SharePoint Workspace Audit Service => 3
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: Net Driver HPZ12 => 2
MSCONFIG\Services: NETGEARGenieDaemon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: Pml Driver HPZ12 => 2
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: PSI_SVC_2_x64 => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: realtek_amd64 => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 2
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 2
MSCONFIG\Services: ShellHWDetection => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: windowsmanagementservice =>
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wlidsvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 2
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Background Downloader.lnk => C:\Windows\pss\SolidWorks Background Downloader.lnkCommon Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
MSCONFIG\startupreg: SSDMonitor => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UMonit => C:\windows\SysWOW64\UMonit.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{265E4909-8F20-41C5-A4C4-151D1829DE0E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3DADDB29-ECA7-41D9-8249-990DC3B81E40}] => (Allow) LPort=2869
FirewallRules: [{7B5C4703-0DC6-494A-A570-DD0C79FDF54B}] => (Allow) LPort=1900
FirewallRules: [{8DC4FBA7-8ABB-4552-9EE3-459650219D8B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A9BB1148-6471-4413-814C-85464B7DFA78}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{F75A7D92-2FA3-4355-A465-C1E8677BC22C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{8F19CBB5-095D-47B5-97F8-02BC3AA4D21D}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{E7B07342-CC73-45B0-B494-71F90CAA45B9}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe
FirewallRules: [{C895FAED-C7F9-4613-838C-E0E5A07F9A34}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe
FirewallRules: [{20639599-951D-425C-8B1F-2D90DDF0964B}] => (Allow) LPort=7935
FirewallRules: [{CAE8E549-0F39-4C4D-B721-9E87FEACAE18}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{2A5922BB-A443-4A5C-AC2A-2AA1FDBCBB28}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{1C83CB30-F3B5-4BCB-AAAC-E3B9259DC9E0}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{5E69FF16-DD1D-40B6-B047-77D21BF3F384}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{167AF32E-37A4-4B9B-869F-C6598C3E768D}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{AD36BDC4-CD13-48E1-A1BD-2949F6FDDFF2}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{2AEB89F3-0857-4EA8-ADC8-4E224A254EEC}] => (Allow) C:\Windows\SysWOW64\lxcicoms.exe
FirewallRules: [{8F558CB3-A440-41BD-BB7D-58710207CF2A}] => (Allow) C:\Windows\SysWOW64\lxcicoms.exe
FirewallRules: [TCP Query User{4D1AC42A-60A7-4867-B92A-3DA4DF91BE50}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{415069A8-1523-4898-B816-32DB4098A26C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{12FE872A-DBF2-4D6C-95AD-91B95A02ABE7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{607DFBD9-E65F-4BCD-99BE-FA499614D8D2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{0A67C560-FB4D-4604-8536-E9CCE1F4DED9}E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [UDP Query User{86973699-DDC4-4ACB-9128-F3D3A097AA59}E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [TCP Query User{9D07D42F-2A0A-4CBA-9308-D3EBC416877A}G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [UDP Query User{1C836163-4814-4938-AC21-7614693C1171}G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [{62D1D53D-B2B3-4FB5-A083-269E55FF7727}] => (Allow) C:\Users\Kenny\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{7CAA77C5-A5B8-4434-98B0-B7D9A6D022D9}] => (Allow) C:\Users\Kenny\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{B313C5B1-8774-405A-A7E7-5E8F41E4D517}C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{0F0C22A9-C0B3-4DFE-87B6-6C71C012BDC1}C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [{D6166114-5E09-47D6-ACD1-361FD7ED15D5}] => (Allow) C:\Users\Kenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{30077A69-F6B6-44E4-BB22-C87644243013}] => (Allow) C:\Users\Kenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C7B665FE-2A37-493F-A99E-D03298BA1402}C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{0F1AA537-9F6D-4B4E-A7F3-FB11A0AB66C6}C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4349BC9C-FAB0-4731-BEA7-570856F379A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9AAD1FAD-4425-4F82-80B7-307EFD982572}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5057CBFE-FCB4-4C17-9ECC-99609AC009DE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6D27503F-4EF9-4241-AC71-9FD497FDB70D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{9F8A352B-2E35-49AA-856B-F3D9B147B71B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{BFCF7861-E3DE-4CA1-AA58-72A1C2646271}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{EE7C6976-B54F-4738-B433-036A352A69ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{4C203461-7E7C-47AD-B8AF-BF8684F42E8B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{7122E32B-C7EE-45A5-9E81-B613CB21DC06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{2F1855CC-0ADD-4032-8318-AF1A8A429498}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{12D5F143-980E-4DCA-97A8-B44D3B0ACE5C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{37FC62B7-50E4-4BAC-9AC3-FBA1BAFF7905}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{7A2E0995-AB75-42EA-92BD-C23A912C5A9F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{B394E128-D387-42D3-B869-C339561BC8F0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{E470CD50-D104-4ABA-9EB8-DB6457DEA26C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{F7096A3C-3A7E-4806-B251-D8CD66D169BB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{C3F615FB-80F2-499C-8CBC-8F56FA81DD73}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{15179C9F-E19B-4286-9FCB-A61730F383EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{3DE6BCD5-B859-4C0F-AD28-06648BD58176}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{CC2C6181-53EF-4CCC-99F7-FE379FE82EF6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{84D883AD-A125-470E-8EA5-6BEB0A18D447}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{0FEE17A8-421C-4A87-9F06-7ED6CEF5B831}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{7461D573-3907-49AB-A0DA-2E28801465F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5ADE9BD7-4DB3-4481-BF41-053F76269DBE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{222A650E-2ADF-4066-ABA2-2F600A92E90D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{36FE8C8B-4105-4F05-BEB0-F855C0228D29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{420ED225-FAF9-4B68-89FE-18F29AC81808}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{4C0DB2C9-285D-40D4-875D-41728F857E12}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{93DC2DE1-A0FD-46BE-8231-1AC1D04C9A2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{52DE9E70-F821-4DF5-B75E-858144FF199F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A39CD35-5B8A-41ED-9077-EF2AF74F3643}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{183712CF-413D-4BAE-9CE2-6150ABBD99C3}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{7BFF4701-73BE-4641-8F81-0572E34187C6}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{1928AE09-3766-4414-9EA1-66FD9362E94A}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{9F2E6A43-7BDB-4DC3-9CF5-5D4E740BBFC3}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{473603DA-508D-4DFE-84B1-2A12B161C487}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{6D98085D-F83F-40B9-903F-35D6EA4542C0}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{AA9287BD-EBFB-4230-90FC-CA868E65A6B9}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [TCP Query User{C6540BA5-5444-4FC2-BCA9-CA9D36260BA8}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{91AD566A-41BF-4CED-AB40-1F4226BAA766}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{649C12AA-A282-4A79-B01E-10EF74CC9A05}] => (Allow) c:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{20A5184D-BE09-4D75-A4F4-86475C11EB9F}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{4B7FD53F-5087-472F-8EB2-011D8209E614}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{ABD5E5DE-3909-4D4B-B5F4-71A7631799FC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{2DAB4DA7-1191-41CD-91AE-17112F3A4DE2}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{E4EA45A0-D360-46B3-AD57-11497847B2DA}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{1E932A4E-65AC-4400-96DB-5450F8064415}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{6947C71A-1FC1-4CEF-922C-CED9722E937D}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{B997C707-1DAE-46B4-8DD2-68A8B264BCDC}] => (Allow) C:\Program Files (x86)\FileFinder\FileFinder.exe
FirewallRules: [{72AC4099-C5E6-45C1-9C95-D6793F80F7D4}] => (Allow) C:\Program Files (x86)\FileFinder\FileFinder.exe
FirewallRules: [{E3F6D59B-C1AC-4001-8A8B-89C8B4C8DC13}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{CF624B1A-79BF-4942-9282-38DB4EEA1F73}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{A70F35CF-42DC-4057-8E5E-591ABCA0A817}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{1E104000-2A69-4EBA-B30D-4D1B05A5E106}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{F13D9B33-FBE6-4A72-8D72-C15F578DE145}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{CDCB19D8-20DC-484D-BF6D-A05E635D7B99}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [TCP Query User{905DFB28-6E75-4137-8F7C-2B0775321C5C}C:\program files (x86)\iobit\advanced systemcare 10 pro\surfing protection\ffnativemessage.exe] => (Allow) C:\program files (x86)\iobit\advanced systemcare 10 pro\surfing protection\ffnativemessage.exe
FirewallRules: [UDP Query User{276B76D0-EBC0-45FA-9CEA-568880A45C7D}C:\program files (x86)\iobit\advanced systemcare 10 pro\surfing protection\ffnativemessage.exe] => (Allow) C:\program files (x86)\iobit\advanced systemcare 10 pro\surfing protection\ffnativemessage.exe
FirewallRules: [TCP Query User{7104BA23-2698-4027-8BEC-B32881DDF072}E:2\corel\coreldraw x7\coreldraw x7.exe] => (Allow) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [UDP Query User{66930B94-9B86-4F01-A740-37FA89F4F397}E:2\corel\coreldraw x7\coreldraw x7.exe] => (Allow) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{655915FF-ACD3-4663-99C0-2464B4997A9A}] => (Block) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{B1E45A98-DC06-4917-93A9-210C176E1709}] => (Block) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{FBDA2001-EA7D-4DF4-B4C1-8FDCA2EB79F0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{836BF431-9721-4686-9D35-EC2485C0735D}] => (Allow) C:\Program Files (x86)\UnHackMe\Unhackme.exe
FirewallRules: [{ECFC2DF0-FE8C-497E-8774-EE1E030E47E0}] => (Allow) C:\Program Files (x86)\UnHackMe\Unhackme.exe
FirewallRules: [TCP Query User{8DDA7F2D-3F0C-41DA-854A-ACB37A3386EB}H:\corel\coreldraw x7\coreldraw x7.exe] => (Allow) H:\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [UDP Query User{6FEB2462-BF84-41E0-A0A2-6A358598B5BA}H:\corel\coreldraw x7\coreldraw x7.exe] => (Allow) H:\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{0D2403A5-8C68-4568-8FE9-0B3AECCEAFCE}] => (Block) H:\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{7A6CFEA9-7254-4842-9812-9332F8F8579C}] => (Block) H:\corel\coreldraw x7\coreldraw x7.exe
StandardProfile\AuthorizedApplications: [C:\Users\Kenny\AppData\Local\Temp\Disk Space Cache.exe] => Enabled:Windows Messanger
StandardProfile\AuthorizedApplications: [C:\GetNZB Downloads\Corel Draw 11 Portable 100 Working.rar yEnc 1 10\autoextracted\Corel Draw 11 Portable (100 Working).exe] => Enabled:Windows Messanger
StandardProfile\AuthorizedApplications: [C:\GetNZB Downloads\CorelDraw Graphics Suite X6 16.0.0.707 2012Eng.rar\autoextracted\CorelDraw Graphics Suite X6 16.0.0.707 (2012Eng).exe] => Enabled:Windows Messanger

==================== Restore Points =========================

Could not list restore points
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2017 05:36:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
   Instantiating VSS server

Error: (04/23/2017 05:36:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Instantiating VSS server

Error: (04/23/2017 05:36:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
   Instantiating VSS server

Error: (04/23/2017 05:36:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Instantiating VSS server

Error: (04/23/2017 05:36:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
   Instantiating VSS server

Error: (04/23/2017 05:36:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Instantiating VSS server

Error: (04/23/2017 02:04:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
   Instantiating VSS server

Error: (04/23/2017 02:04:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Instantiating VSS server

Error: (04/23/2017 02:04:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
   Instantiating VSS server

Error: (04/23/2017 02:04:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Instantiating VSS server


System errors:
=============
Error: (04/25/2017 09:23:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Management Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (04/25/2017 09:23:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Management Service service to connect.

Error: (04/25/2017 09:21:41 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error:
"740"
Happened while starting this command:
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding

Error: (04/25/2017 09:21:41 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error:
"170"
Happened while starting this command:
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding

Error: (04/25/2017 09:20:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ESET Service service failed to start due to the following error:
The requested resource is in use.

Error: (04/24/2017 08:44:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Management Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (04/24/2017 08:44:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Management Service service to connect.

Error: (04/24/2017 08:42:32 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error:
"740"
Happened while starting this command:
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding

Error: (04/24/2017 08:41:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ESET Service service failed to start due to the following error:
The requested resource is in use.

Error: (04/23/2017 08:09:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Management Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.


CodeIntegrity:
===================================
  Date: 2017-04-13 15:02:51.535
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-13 15:02:51.535
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-12 14:52:12.222
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-12 14:52:12.222
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-12 07:21:06.378
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-12 07:21:06.378
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-11 19:37:06.612
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-11 19:37:06.612
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-10 20:12:58.406
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-04-10 20:12:58.404
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Pentium® CPU G620 @ 2.60GHz
Percentage of memory in use: 16%
Total physical RAM: 5992.44 MB
Available physical RAM: 5013.96 MB
Total Virtual: 11983.06 MB
Available Virtual: 11089.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:906.34 GB) (Free:86.97 GB) NTFS
Drive d: (JVC DVD_ROM ) (CDROM) (Total:1.75 GB) (Free:0 GB) UDF
Drive e: (Old Drive) (Fixed) (Total:931.51 GB) (Free:43.57 GB) NTFS
Drive h: () (Removable) (Total:59.13 GB) (Free:29.32 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 032E13D2)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 96287ECE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

========================================================
Disk: 2 (Size: 59.2 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================



#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,713 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:04 AM

Posted 26 April 2017 - 01:28 PM

You are very welcome.

Let's remove those programs using the below program. If you receive any prompts consider them legitimate.

===================================================

Uninstalling Programs Using Revo Uninstaller Free

--------------------

I recommend uninstalling the below listed program(s) from your computer.

Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.

Please note there is a chance when you look for this program to uninstall through Revo it might not be listed because of a previous uninstall. If that is the case simply stop and let me know.
  • Please download and install Revo Uninstaller Free
  • Double click the Revo Uninstaller icon
  • From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)

All previously identified programs

  • If presented with the program uninstall option click Uninstall
  • If asked to reboot select Reboot later
  • Under Scanning Modes select Advanced then select Scan
  • On the Found leftover Registry items window check the items in bold only then click Delete. You may have to expand some folders by clicking the "+" mark.
  • When prompted click on Next then Yes
  • On the Found leftover files and folders window click on Select all, click Finish, then click Yes
  • Run CKScanner and FRST again.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ckfiles.txt
  • FRST reports (2)

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 Ragnarviking

Ragnarviking
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 27 April 2017 - 03:32 PM

Gary,

Thanks, for your continued assistance. I purged the programs per your directive, using Revo. There were some MS apps that I was unsure as to whether they were critical to the OS...so, I left them in place. Next is the CKfile:

 

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\3ds max\2015\crack\install.txt
c:\3ds max\2015\crack\xf-adsk2015_x64.7z
c:\3ds max\2015\crack\xf-adsk2015_x86.7z
c:\3ds max\2015\x64\max\autodesk\3ds max design 2015\maps\substance\textures\cracked_plaster.sbsar
c:\3ds max\3ds2016\crack.rar
c:\3ds max\3ds2016\autodesk_2016_xfkeygen\install.txt
c:\3ds max\3ds2016\autodesk_2016_xfkeygen\xf-adsk2016_x64.7z
c:\3ds max\3ds2016\autodesk_2016_xfkeygen\xf-adsk2016_x64.exe
c:\3ds max\3ds2016\autodesk_2016_xfkeygen\xf-adsk2016_x86.7z
c:\3ds max\3ds2016\autodesk_2016_xfkeygen\xf-adsk2016_x86.exe
c:\apps\crack\aspr_keys.ini
c:\apps\crack\winspool.drv
c:\apps\cs5\keygen.rar
c:\apps\cs5\adobe cs5 master collection\keygen.rar
c:\apps\office 2010 professional plus\crack\office 2010 toolkit (2).exe
c:\apps\office 2010 professional plus\crack\office 2010 toolkit.exe
c:\apps\office 2010 professional plus\crack\settings (2).ini
c:\apps\office 2010 professional plus\crack\settings.ini
c:\black drive\downloads\agent\forte.agent.v3.0.763.incl.keymaker-zwt\keygen.exe
c:\black drive\downloads\foxit\spvn.foxit.phantom.v1.0.3.0109\crack\foxit phantom.exe
c:\black drive\downloads\foxit\spvn.foxit.phantom.v1.0.3.0109\crack\fpmvpr_drv.dll
c:\black drive\downloads\foxit\spvn.foxit.phantom.v1.0.3.0109\crack\_tieudao_www.softarchive.net\only for adult.url
c:\black drive\downloads\foxit\spvn.foxit.phantom.v1.0.3.0109\crack\_tieudao_www.softarchive.net\share for progressivenes.url
c:\black drive\downloads\kmswv1.3\kmswv1.3\kms activator v1.3_office_2010_vl_eng.exe
c:\black drive\office_2010_professional_plus\crack\office 2010 toolkit.exe
c:\black drive\office_2010_professional_plus\crack\settings.ini
c:\orangekey\yellow key\e-book_-_how_to_make_keygens.pdf
c:\orangekey\yellow key\documents\e-book_-_how_to_make_keygens.pdf
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\de_de\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\de_de\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\de_de\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\en_us\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\en_us\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\en_us\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\es_es\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\es_es\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\es_es\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\fr_fr\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\fr_fr\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\fr_fr\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\it_it\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\it_it\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\it_it\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\ja_jp\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\ja_jp\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\ja_jp\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\ko_kr\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\ko_kr\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\ko_kr\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\pt_br\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\pt_br\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\pt_br\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\ru_ru\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\ru_ru\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\ru_ru\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\zh_cn\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\zh_cn\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cc 2015\plug-ins\zh_cn\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cs5.5\plug-ins\en_us\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cs5.5\plug-ins\en_us\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cs5.5\plug-ins\en_us\vstplugins\decrackler6.dll
c:\program files (x86)\adobe\adobe dreamweaver cs5.5\configuration\taglibraries\html\keygen.vtm
c:\program files (x86)\adobe\adobe flash catalyst cs5.5\plugins\com.adobe.thermo.core_1.5.0.308731\com\adobe\thermo\undo\thermoundosystem$undoabledocumentchangecracker.class
c:\program files (x86)\unhackme\aspr_keys.ini
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net.rar
c:\rxqdrive\hold\downloads\adobe cs5 master collection\keygen.exe
c:\rxqdrive\hold\downloads\adobe cs5 master collection\keygen.rar
c:\rxqdrive\hold\downloads\camtasia\keygen.exe
c:\rxqdrive\hold\downloads\office\kmspico v4.5.zip
c:\rxqdrive\hold\downloads\office\readme kmspico.txt
c:\rxqdrive\hold\downloads\office\kmspico install\kmspico_install_v4.5.exe
c:\rxqdrive\hold\downloads\office\kmspico install\readme kmspico install.txt
c:\rxqdrive\hold\downloads\office\kmspico oem\readme kmspico oem.txt
c:\rxqdrive\hold\downloads\office\kmspico oem\$oem$\$$\setup\scripts\clean.cmd
c:\rxqdrive\hold\downloads\office\kmspico oem\$oem$\$$\setup\scripts\kmspico.exe
c:\rxqdrive\hold\downloads\office\kmspico oem\$oem$\$$\setup\scripts\runonce.reg
c:\rxqdrive\hold\downloads\office\kmspico oem\$oem$\$$\setup\scripts\setupcomplete.cmd
c:\rxqdrive\hold\downloads\office\kmspico only service\check_activation_all.cmd
c:\rxqdrive\hold\downloads\office\kmspico only service\install_service.cmd
c:\rxqdrive\hold\downloads\office\kmspico only service\readme kmspico service.txt
c:\rxqdrive\hold\downloads\office\kmspico only service\service_kms.exe
c:\rxqdrive\hold\downloads\office\kmspico only service\triggerkms.exe
c:\rxqdrive\hold\downloads\office\kmspico only service\uninstall_service.cmd
c:\rxqdrive\hold\downloads\solidworks\2013\crack\!readme.txt
c:\rxqdrive\hold\downloads\solidworks\2013\crack\pdmworkskeygen.exe
c:\rxqdrive\hold\downloads\solidworks\2013\crack\sw2010-2013.activator.ssq.exe
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4cg.nfo
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4cg.r00
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4cg.r01
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4cg.r02
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4cg.r03
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4cg.r04
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4cg.rar
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4nbrj01.zip
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4nbrj02.zip
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4nbrj03.zip
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4nbrj04.zip
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4nbrj05.zip
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4nbrj06.zip
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\file_id.diz
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4cg\setup.exe
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4nbrj01\f4cg.nfo
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4nbrj01\f4cg.r00
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net\sothink.logo.maker.v3.3.cracked-f4cg\f4nbrj01\file_id.diz
c:\rxqdrive\python27\arcgis10.1\lib\site-packages\numpy\f2py\crackfortran.py
c:\rxqdrive\python27\arcgis10.1\lib\site-packages\numpy\f2py\crackfortran.pyc
c:\rxqdrive\python27\arcgis10.1\lib\site-packages\numpy\f2py\crackfortran.pyo
c:\users\kenny\documents\downloads\adobe.captivate.7.0.win64.esd-iso\adobe.captivate.7.0.win64.esd-iso\acp7x64\crack-windows\disable_activation.cmd
c:\users\kenny\documents\downloads\adobe.captivate.7.0.win64.esd-iso\adobe.captivate.7.0.win64.esd-iso\acp7x64\crack-windows\install.txt
c:\users\kenny\documents\downloads\adobe.captivate.7.0.win64.esd-iso\adobe.captivate.7.0.win64.esd-iso\acp7x64\crack-windows\xf-ac7.exe
c:\users\kenny\documents\downloads\apps\cs5\keygen.rar
c:\users\kenny\documents\downloads\apps\cs5\adobe cs5 master collection\keygen.rar
c:\users\kenny\documents\downloads\complete\camtasia\keygen.exe
c:\users\kenny\documents\downloads\complete\nero 12 platinum 12 5 01300 multilanguage + serials + anleitung\crack\anleitung in germanisch.txt
c:\users\kenny\documents\downloads\complete\nero 12 platinum 12 5 01300 multilanguage + serials + anleitung\crack\advrcntr6\advrcntr6.dll
c:\users\kenny\documents\downloads\complete\nero 12 platinum 12 5 01300 multilanguage + serials + anleitung\crack\nero\km\onlineservices\nosproductregistration.dll
c:\users\kenny\documents\downloads\complete\nero 12 platinum 12 5 01300 multilanguage + serials + anleitung\crack\nero\nero 12\nero backitup\onlineservices\nosproductregistration.dll
c:\users\kenny\documents\downloads\complete\nero 12 platinum 12 5 01300 multilanguage + serials + anleitung\crack\nero\nero 12\nero burning rom\onlineservices\nosproductregistration.dll
c:\users\kenny\documents\downloads\complete\nero 12 platinum 12 5 01300 multilanguage + serials + anleitung\crack\nero\nero 12\nero express\onlineservices\nosproductregistration.dll
c:\users\kenny\documents\downloads\complete\nero 12 platinum 12 5 01300 multilanguage + serials + anleitung\crack\nero\nero 12\nero recode\onlineservices\nosproductregistration.dll
c:\users\kenny\documents\downloads\complete\nero 12 platinum 12 5 01300 multilanguage + serials + anleitung\crack\nero\nero 12\nero vision\onlineservices\nosproductregistration.dll
c:\users\kenny\documents\downloads\complete\solidworks 2013\sw2013_sp2.0_ssq\_solidsquad_\pdmworkskeygen.exe
c:\users\kenny\documents\downloads\coreldraw graphics suite x6 v16.2.0.998\coreldraw graphics suite x6 v16.2.0.998\keygen.exe
c:\users\kenny\documents\downloads\keygen-core\keygen-core.exe
c:\users\kenny\documents\downloads\keygen-x-force\disable_activation.cmd
c:\users\kenny\documents\downloads\keygen-x-force\keygen-x-force.exe
c:\users\kenny\documents\downloads\ultraiso.premium.v9.6.2.multilingual.incl.keygen-tsz\file_id.diz
c:\users\kenny\documents\downloads\ultraiso.premium.v9.6.2.multilingual.incl.keygen-tsz\keygen.exe
c:\users\kenny\documents\downloads\ultraiso.premium.v9.6.2.multilingual.incl.keygen-tsz\tsz.nfo
c:\users\kenny\documents\downloads\ultraiso.premium.v9.6.2.multilingual.incl.keygen-tsz\tszu962a.zip
c:\users\kenny\documents\downloads\ultraiso.premium.v9.6.2.multilingual.incl.keygen-tsz\tszu962b.zip
c:\users\kenny\documents\downloads\ultraiso.premium.v9.6.2.multilingual.incl.keygen-tsz\uiso96.r00
c:\users\kenny\documents\downloads\ultraiso.premium.v9.6.2.multilingual.incl.keygen-tsz\uiso96.rar
c:\users\kenny\documents\downloads\ultraiso.premium.v9.6.2.multilingual.incl.keygen-tsz\uiso96pes.exe
c:\users\kenny\documents\my iso files\keygen-core.activator-xforce+install instruction.zip
c:\users\kenny\downloads\a_cs5.5_mc_keygen_update_win_osx-xforce.rar
c:\users\kenny\downloads\corel draw x5 with keygen.rar
c:\users\kenny\downloads\keygen-core.7z
c:\users\kenny\downloads\keygen-core.activator-xforce+install instruction.zip
c:\users\kenny\downloads\keygen-x-force.7z
c:\users\kenny\downloads\quadsuckercrack.zip
c:\users\kenny\downloads\unha-ckme.8.xxx keygen(2).rar
c:\users\kenny\downloads\un_me 8 build 500 setup+crack.zip
c:\users\kenny\downloads\adobe\vpsamz-adprprocc20152\ap.2\adobe_cc_v2015-xforce\crack-osx\disable_activation_osx
c:\users\kenny\downloads\adobe\vpsamz-adprprocc20152\ap.2\adobe_cc_v2015-xforce\crack-osx\install.txt
c:\users\kenny\downloads\adobe\vpsamz-adprprocc20152\ap.2\adobe_cc_v2015-xforce\crack-osx\xf-accm2015.dmg
c:\users\kenny\downloads\adobe\vpsamz-adprprocc20152\ap.2\adobe_cc_v2015-xforce\crack-windows\disable_activation.cmd
c:\users\kenny\downloads\adobe\vpsamz-adprprocc20152\ap.2\adobe_cc_v2015-xforce\crack-windows\install.txt
c:\users\kenny\downloads\adobe\vpsamz-adprprocc20152\ap.2\adobe_cc_v2015-xforce\crack-windows\xf-adobecc2015.exe
c:\users\kenny\downloads\compressed\hdd regenerator 2011\crack\hdd regenerator.exe
c:\users\kenny\downloads\compressed\hdd regenerator 2011\crack\hddreg.exe
c:\users\kenny\downloads\compressed\hdd regenerator 2011\crack\resurrection.nfo
c:\users\kenny\downloads\corel\08-05-2016\corel draw graphics suite x7.2 -win32-xforce- [mumbai-tpb]\crack\install.txt
c:\users\kenny\downloads\corel\08-05-2016\corel draw graphics suite x7.2 -win32-xforce- [mumbai-tpb]\crack\keygen.exe
c:\users\kenny\downloads\corel\6x\coreldraw technical suite x6 v16.3.0.1114 x64-core\keygen.exe
c:\users\kenny\downloads\corel\6x\coreldraw.graphics.suite.x6.v16.0.0.707.incl.keymaker-core\keygen.exe
c:\users\kenny\downloads\corel\coreldraw technical suite x6 v16.3.0.1114 x64-core\keygen.exe
c:\users\kenny\downloads\corel\keygen\aftershot.pro.2.kgn-core.rar
c:\users\kenny\downloads\corel\keygen\corel.kgn.4.3-core.rar
c:\users\kenny\downloads\corel\keygen\keygen.exe
c:\users\kenny\downloads\coreldraw technical suite x6 v16.3.0.1114 x64-core_i\keygen.exe
c:\users\kenny\downloads\debut.pro.3.01\debut pro 3.01\crack\debut.exe
c:\users\kenny\downloads\jd2 fully loaded 24-10-2014\jd2 fully loaded 24-10-2014\jdownloader2 install and play [premium accounts added]\jd\plugins\hoster\crackedcom.class
c:\users\kenny\downloads\jd2 fully loaded 24-10-2014\jd2 fully loaded 24-10-2014\jdownloader2 install and play [premium accounts added]\znot loader2\new folder\jd\plugins\hoster\crackedcom.class
c:\users\kenny\downloads\keygen\aftershot.pro.2.kgn-core.rar
c:\users\kenny\downloads\keygen\corel.kgn.4.3-core.rar
c:\users\kenny\downloads\manga_studio_ex_v5.0.2_material-xforce\manga_studio_ex_v5.0.2_material-xforce\manga_studio_ex_v5.0.2_material-xforce\crack\install.txt
c:\users\kenny\downloads\manga_studio_ex_v5.0.2_material-xforce\manga_studio_ex_v5.0.2_material-xforce\manga_studio_ex_v5.0.2_material-xforce\crack\manga studio 5 materials installation readme.txt
c:\users\kenny\downloads\manga_studio_ex_v5.0.2_material-xforce\manga_studio_ex_v5.0.2_material-xforce\manga_studio_ex_v5.0.2_material-xforce\crack\manga studio 5 sampledata readme.txt
c:\users\kenny\downloads\manga_studio_ex_v5.0.2_material-xforce\manga_studio_ex_v5.0.2_material-xforce\manga_studio_ex_v5.0.2_material-xforce\crack\xf-sms502ex.exe
c:\users\kenny\downloads\manga_studio_ex_v5.0.2_material-xforce\manga_studio_ex_v5.0.2_material-xforce\manga_studio_ex_v5.0.2_material-xforce\crack\xf-smsex50.dmg
c:\users\kenny\downloads\manga_studio_ex_v5.0.5_macosx-xforce\crack\install.txt
c:\users\kenny\downloads\manga_studio_ex_v5.0.5_macosx-xforce\crack\manga studio 5 materials installation readme.txt
c:\users\kenny\downloads\manga_studio_ex_v5.0.5_macosx-xforce\crack\manga studio 5 sampledata readme.txt
c:\users\kenny\downloads\manga_studio_ex_v5.0.5_macosx-xforce\crack\xf-msex504.dmg
c:\users\kenny\downloads\manga_studio_ex_v5.0.5_macosx-xforce\crack\xf-sms504ex.exe
hosts 127.0.0.1 lmlicenses.wip4.adobe.com
hosts 127.0.0.1 lm.licenses.adobe.com
hosts 127.0.0.1 3dns.adobe.com
hosts 127.0.0.1 3dns-1.adobe.com
hosts 127.0.0.1 3dns-2.adobe.com
hosts 127.0.0.1 3dns-3.adobe.com
hosts 127.0.0.1 3dns-4.adobe.com
hosts 127.0.0.1 activate.adobe.com
hosts 127.0.0.1 activate.wip3.adobe.com
hosts 127.0.0.1 activate-sea.adobe.com
hosts 127.0.0.1 activate-sjc0.adobe.com
hosts 127.0.0.1 adobe-dns.adobe.com
hosts 127.0.0.1 adobe-dns-1.adobe.com
hosts 127.0.0.1 adobe-dns-2.adobe.com
hosts 127.0.0.1 adobe-dns-3.adobe.com
hosts 127.0.0.1 adobe-dns-4.adobe.com
hosts 127.0.0.1 adobe-dns-5.adobe.com
hosts 127.0.0.1 adobeereg.com
hosts 127.0.0.1 ood.opsource.net
hosts 127.0.0.1 ereg.adobe.com
hosts 127.0.0.1 ereg.wip.adobe.com
hosts 127.0.0.1 ereg.wip1.adobe.com
hosts 127.0.0.1 ereg.wip2.adobe.com
hosts 127.0.0.1 ereg.wip3.adobe.com
hosts 127.0.0.1 ereg.wip4.adobe.com
hosts 127.0.0.1 hl2rcv.adobe.com
hosts 127.0.0.1 practivate.adobe.com
hosts 127.0.0.1 activate.wip.adobe.com
hosts 127.0.0.1 activate.wip1.adobe.com
hosts 127.0.0.1 activate.wip2.adobe.com
hosts 127.0.0.1 activate.wip3.adobe.com
hosts 127.0.0.1 activate.wip4.adobe.com
hosts 127.0.0.1 wip.adobe.com
hosts 127.0.0.1 wip1.adobe.com
hosts 127.0.0.1 wip2.adobe.com
hosts 127.0.0.1 wip3.adobe.com
hosts 127.0.0.1 wip4.adobe.com
hosts 127.0.0.1 wwis-dubc1-vip60.adobe.com
hosts 127.0.0.1 www.wip.adobe.com
hosts 127.0.0.1 www.wip1.adobe.com
hosts 127.0.0.1 www.wip2.adobe.com
hosts 127.0.0.1 www.wip3.adobe.com
hosts 127.0.0.1 www.wip4.adobe.com
scanner sequence 3.ZZ.11.SEBBKA
 ----- EOF ----- 
 


#13 Ragnarviking

Ragnarviking
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 27 April 2017 - 03:33 PM

Here is the FRST.txt file:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-04-2017
Ran by Kenny (administrator) on KENNY-PC (27-04-2017 14:55:20)
Running from H:\Antivirus
Loaded Profiles: Kenny (Available Profiles: Kenny)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() C:\Windows\System32\tprdpw32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Wisair Ltd.) C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WirelessUSBManager.exe
(JME) C:\Program Files (x86)\jmesoft\hotkey.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [cpx] => "C:\Users\Kenny\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup <===== ATTENTION
HKLM-x32\...\Run: [svcvmx] => C:\Users\Kenny\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe [896512 2017-01-13] ()
HKLM-x32\...\Run: [WirelessUSBManager] => C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WirelessUSBManager.exe [3666256 2010-08-18] (Wisair Ltd.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [86960 2006-05-17] (Macrovision Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-17] (Macrovision Corporation)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [GoogleChromeAutoLaunch_B2C6E0CC5A2A25373676C3A06457B47B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941912 2017-03-28] (Google Inc.)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [691656 2009-04-23] (DT Soft Ltd)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-05-17] (Macrovision Corporation)
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 0
ShellExecuteHooks-x32: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-13] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-13] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-13] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-13] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-13] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-13] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} =>  -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} =>  -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} =>  -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} =>  -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} =>  -> No File
Startup: C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe [2009-09-20] (Hewlett-Packard Co.)
BootExecute: autocheck autochk * Partizan
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:59463;https=127.0.0.1:59463
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 69.1.30.42 69.1.30.43
Tcpip\..\Interfaces\{61EFE29E-D40B-4C22-B3F9-5D9FDC44B62D}: [DhcpNameServer] 69.1.30.42 69.1.30.43
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-03-05] (LastPass)
Toolbar: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {106E49CF-797A-11D2-81A2-00E02C015623} hxxp://www.alternatiff.com/distribution/alternatiff-ax-w32-2.0.4.cab
Handler: skype4com - No CLSID Value
 
FireFox:
========
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.
 
S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 CableAssociation; C:\Program Files (x86)\Wireless USB\Components\Association\CableAssociation.exe [1461064 2010-07-07] (Wisair Ltd.)
S3 Dataup; C:\Users\Kenny\AppData\Local\ntuserlitelist\dataup\dataup.exe [77824 2017-01-05] () <==== ATTENTION
S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2836296 2016-12-14] (ESET)
S4 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [133552 2011-06-09] (Seiko Epson Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-07-20] (IObit)
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-04-02] (Microsoft Corporation)
S2 windowsmanagementservice; C:\Users\Kenny\AppData\Local\imukl\ct.exe [947200 2017-03-29] (Google Inc.) <==== ATTENTION
S4 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [X]
S4 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [X]
S4 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 akshasp; C:\windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 DLCopyFilter; C:\windows\System32\Drivers\wsr_tbf.sys [52736 2010-07-21] ()
R0 drmkpro64; C:\windows\System32\drivers\ndistpr64.sys [78112 2013-09-28] () <==== ATTENTION
S3 DWA; C:\windows\System32\DRIVERS\WSR_DWA.SYS [570880 2010-08-05] ()
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [132272 2017-01-17] (ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [180544 2017-01-17] (ESET)
R1 epfwwfpr; C:\windows\System32\DRIVERS\epfwwfpr.sys [70960 2017-01-17] (ESET)
S3 ESETOlmarikOlmascoCleaner; C:\windows\system32\Drivers\ESETOlmarikOlmascoCleaner.sys [157384 2014-07-15] ()
R3 GeneStor; C:\windows\System32\DRIVERS\GeneStor.sys [57856 2010-12-16] (GenesysLogic)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-05-30] (SafeNet Inc.)
S3 hwa; C:\windows\System32\DRIVERS\WSR_HWA.SYS [947200 2010-08-05] ()
S3 HWARadio; C:\windows\System32\DRIVERS\WSR_RCI.SYS [165376 2010-08-05] ()
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-02] (REALiX™)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 NPF; C:\windows\System32\drivers\NPF.sys [35344 2016-01-31] (CACE Technologies, Inc.)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2017-04-17] (Greatis Software)
R0 PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RimUsb; C:\windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [871408 2012-06-27] ()
R3 vmulti; C:\windows\System32\DRIVERS\vmulti.sys [19504 2016-01-13] (Windows ® Win 7 DDK provider)
S3 X86BDA; C:\windows\System32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
U3 a6xe5b1m; C:\Windows\System32\Drivers\a6xe5b1m.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 catchme; \??\C:\ComboFix_10-02-16\catchme.sys [X]
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_5.5.27797.0.sys [X]
S3 WSR_USF; System32\Drivers\WSR_USF.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-04-26 20:31 - 2017-04-26 20:31 - 00001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-04-26 20:31 - 2017-04-26 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-04-26 20:31 - 2017-04-26 20:31 - 00000000 ____D C:\Program Files\VS Revo Group
2017-04-23 12:31 - 2017-04-27 14:55 - 00000000 ____D C:\FRST
2017-04-17 21:27 - 2017-04-17 21:28 - 00262144 _____ C:\windows\Minidump\041717-30420-01.dmp
2017-04-17 21:26 - 2017-04-17 21:26 - 00262144 _____ C:\windows\Minidump\041717-29546-01.dmp
2017-04-17 16:43 - 2017-04-17 16:43 - 00040304 _____ (Greatis Software) C:\windows\SysWOW64\Drivers\Partizan.sys
2017-04-17 16:18 - 2017-04-17 16:18 - 00000000 ____D C:\ProgramData\WRData
2017-04-16 23:21 - 2017-04-17 21:56 - 00000378 _____ C:\windows\Tasks\UnHackMe Task Scheduler.job
2017-04-16 23:21 - 2017-04-17 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2017-04-16 23:21 - 2017-04-17 16:45 - 00000586 _____ C:\Users\Kenny\Desktop\UnHackMe.lnk
2017-04-16 22:49 - 2017-04-16 22:49 - 00464022 _____ C:\Users\Kenny\Desktop\regrunlog.txt
2017-04-16 22:27 - 2017-04-16 22:27 - 00000045 _____ C:\Users\Kenny\Downloads\Unhackme_Key.txt
2017-04-16 21:25 - 2017-04-16 21:25 - 00000274 ____H C:\windows\Tasks\User_Feed_Synchronization-{1546F1F9-2877-4248-B890-1CDAB19F9F7B}.job
2017-04-16 20:59 - 2017-04-17 21:58 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2017-04-16 20:59 - 2017-04-16 20:59 - 00003324 _____ C:\windows\System32\Tasks\UnHackMe Task Scheduler
2017-04-16 20:59 - 2017-04-14 12:48 - 00014984 _____ (Greatis Software, LLC.) C:\windows\SysWOW64\Drivers\UnHackMeDrv.sys
2017-04-16 20:59 - 2015-12-28 11:32 - 00049968 _____ (Greatis Software) C:\windows\system32\partizan.exe
2017-04-16 20:58 - 2017-04-14 12:48 - 18681008 _____ (Greatis Software, LLC. ) C:\Users\Kenny\Downloads\unhackme_setup.exe
2017-04-16 20:56 - 2017-04-16 20:58 - 18656117 _____ C:\Users\Kenny\Downloads\unhackme.zip
2017-04-16 20:44 - 2017-04-16 20:45 - 00000000 ___SD C:\32788R22FWJFW
2017-04-16 20:00 - 2017-04-16 20:00 - 00000000 ____D C:\Users\Kenny\AppData\Local\llssoft
2017-04-16 20:00 - 2017-04-16 20:00 - 00000000 ____D C:\Users\Kenny\AppData\Local\CEF
2017-04-16 19:59 - 2017-04-17 22:43 - 00000000 ____D C:\Users\Kenny\AppData\Local\ntuserlitelist
2017-04-16 19:48 - 2017-04-16 19:48 - 00262144 _____ C:\windows\Minidump\041617-40934-01.dmp
2017-04-16 19:47 - 2017-04-16 19:47 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-04-16 19:47 - 2017-04-16 19:47 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-04-16 19:46 - 2017-04-16 21:38 - 00000000 ____D C:\Program Files (x86)\s5
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\c
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\szkec
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\imukl
2017-04-16 19:44 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\AdvinstAnalytics
2017-04-16 19:43 - 2017-04-16 19:44 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Microleaves
2017-04-16 19:42 - 2017-04-16 19:43 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\AGData
2017-04-16 19:42 - 2017-04-16 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnonymizerGadget
2017-04-16 19:41 - 2017-04-16 21:37 - 00000000 ____D C:\Program Files (x86)\AnonymizerGadget
2017-04-14 19:30 - 2017-04-14 19:30 - 00000000 ___SD C:\windows\system32\CompatTel
2017-04-14 19:30 - 2017-04-14 19:30 - 00000000 ____D C:\windows\system32\appraiser
2017-04-14 19:07 - 2015-07-30 08:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-04-14 19:07 - 2015-07-30 08:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-04-14 19:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2017-04-14 18:58 - 2017-04-14 18:58 - 24917504 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 19607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 14404096 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 12829696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 06026240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2017-04-14 18:58 - 2017-04-14 18:58 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2017-04-14 18:58 - 2017-04-14 18:58 - 02426880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02278912 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-04-14 18:58 - 2017-04-14 18:58 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-04-14 18:58 - 2017-04-14 18:58 - 01950720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2017-04-14 18:58 - 2017-04-14 18:58 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2017-04-14 18:58 - 2017-04-14 18:58 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2017-04-14 18:58 - 2017-04-14 18:58 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00342728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2017-04-14 18:58 - 2017-04-14 18:58 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2017-04-14 18:58 - 2017-04-14 18:58 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2017-04-14 18:58 - 2017-04-14 18:58 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2017-04-14 18:58 - 2017-04-14 18:58 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2017-04-14 18:58 - 2017-04-14 18:58 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 02776576 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 02284544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-04-14 18:51 - 2017-04-14 18:51 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-04-14 17:34 - 2017-04-14 17:34 - 148601744 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-04-14 17:34 - 2017-04-14 17:34 - 00000000 ____D C:\windows\system32\MRT
2017-04-14 16:57 - 2012-11-02 00:59 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2017-04-14 16:57 - 2012-11-02 00:11 - 00376832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2017-04-14 16:56 - 2012-12-07 08:20 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2017-04-14 16:56 - 2012-12-07 08:15 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2017-04-14 16:56 - 2012-12-07 07:26 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2017-04-14 16:56 - 2012-12-07 07:20 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2017-04-14 16:56 - 2012-12-07 06:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00044544 _____ (Microsoft) C:\windows\system32\pegibbfc.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00043520 _____ (Microsoft) C:\windows\system32\csrr.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00030720 _____ (Microsoft) C:\windows\system32\usk.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs
2017-04-14 16:56 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00021504 _____ (Microsoft) C:\windows\system32\grb.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00020480 _____ (Microsoft) C:\windows\system32\pegi.rs
2017-04-14 16:56 - 2012-12-07 06:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00044544 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00043520 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00030720 _____ (Microsoft) C:\windows\SysWOW64\usk.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00021504 _____ (Microsoft) C:\windows\SysWOW64\grb.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs
2017-04-14 16:56 - 2012-12-07 05:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs
2017-04-14 16:55 - 2017-03-24 17:50 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-04-14 16:55 - 2017-03-24 17:42 - 00313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-04-14 16:55 - 2017-03-22 10:32 - 03165184 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2017-04-14 16:55 - 2017-03-22 10:32 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2017-04-14 16:55 - 2017-03-22 10:32 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2017-04-14 16:55 - 2017-03-22 10:30 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2017-04-14 16:55 - 2017-03-22 10:24 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2017-04-14 16:55 - 2017-03-22 10:17 - 02651136 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00709120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2017-04-14 16:55 - 2017-03-22 10:15 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2017-04-14 16:55 - 2017-03-22 10:15 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2017-04-14 16:55 - 2017-03-22 10:15 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2017-04-14 16:55 - 2017-03-22 10:05 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2017-04-14 16:55 - 2017-03-22 10:05 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2017-04-14 16:55 - 2017-03-22 10:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2017-04-14 16:55 - 2017-03-22 10:05 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2017-04-14 16:55 - 2017-03-14 10:34 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-04-14 16:55 - 2017-03-14 10:34 - 00265448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-04-14 16:55 - 2017-03-14 10:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2017-04-14 16:55 - 2017-03-10 11:35 - 00382696 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2017-04-14 16:55 - 2017-03-10 11:31 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2017-04-14 16:55 - 2017-03-10 11:27 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2017-04-14 16:55 - 2017-03-10 11:20 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2017-04-14 16:55 - 2017-03-10 11:19 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2017-04-14 16:55 - 2017-03-10 11:19 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2017-04-14 16:55 - 2017-03-10 11:00 - 03219968 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-04-14 16:55 - 2017-03-10 10:53 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2017-04-14 16:55 - 2017-03-08 15:20 - 01133568 _____ (Microsoft Corporation) C:\windows\system32\cdosys.dll
2017-04-14 16:55 - 2017-03-08 15:10 - 00805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdosys.dll
2017-04-14 16:55 - 2017-03-07 23:37 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-04-14 16:55 - 2017-03-07 23:36 - 05548264 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-04-14 16:55 - 2017-03-07 23:36 - 00706792 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-04-14 16:55 - 2017-03-07 23:36 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2017-04-14 16:55 - 2017-03-07 23:36 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-04-14 16:55 - 2017-03-07 23:34 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 02064384 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:26 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2017-04-14 16:55 - 2017-03-07 23:26 - 03945192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2017-04-14 16:55 - 2017-03-07 23:24 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 01416192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2017-04-14 16:55 - 2017-03-07 23:22 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:21 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 23:03 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2017-04-14 16:55 - 2017-03-07 23:03 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2017-04-14 16:55 - 2017-03-07 23:03 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2017-04-14 16:55 - 2017-03-07 23:03 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-04-14 16:55 - 2017-03-07 23:00 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2017-04-14 16:55 - 2017-03-07 22:59 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2017-04-14 16:55 - 2017-03-07 22:57 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2017-04-14 16:55 - 2017-03-07 22:56 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-04-14 16:55 - 2017-03-07 22:56 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2017-04-14 16:55 - 2017-03-07 22:56 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-04-14 16:55 - 2017-03-07 22:55 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2017-04-14 16:55 - 2017-03-07 22:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2017-04-14 16:55 - 2017-03-07 22:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2017-04-14 16:55 - 2017-03-07 22:54 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2017-04-14 16:55 - 2017-03-07 22:54 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2017-04-14 16:55 - 2017-03-07 22:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2017-04-14 16:55 - 2017-03-07 22:53 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 22:53 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-14 16:55 - 2017-03-07 11:30 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2017-04-14 16:55 - 2017-03-07 11:17 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2017-04-14 16:55 - 2017-03-07 09:05 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2017-04-14 16:55 - 2017-03-03 20:27 - 01574912 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2017-04-14 16:55 - 2017-03-03 20:27 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\mfmjpegdec.dll
2017-04-14 16:55 - 2017-03-03 20:14 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2017-04-14 16:55 - 2017-03-03 20:14 - 00077312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmjpegdec.dll
2017-04-14 16:55 - 2017-02-14 11:33 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-04-14 16:55 - 2017-02-14 11:19 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll
2017-04-14 16:55 - 2017-02-11 10:58 - 00462848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-04-14 16:55 - 2017-02-11 10:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-04-14 16:55 - 2017-02-11 10:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-04-14 16:55 - 2017-02-10 11:32 - 00803328 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2017-04-14 16:55 - 2017-02-10 11:17 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2017-04-14 16:55 - 2017-02-09 11:32 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2017-04-14 16:55 - 2017-02-09 11:32 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2017-04-14 16:55 - 2017-02-09 11:32 - 00040960 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
2017-04-14 16:55 - 2017-02-09 11:31 - 00625664 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2017-04-14 16:55 - 2017-02-09 11:31 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
2017-04-14 16:55 - 2017-02-09 11:14 - 00481792 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2017-04-14 16:55 - 2017-02-09 11:14 - 00215040 _____ (Microsoft Corporation) C:\windows\SysWOW64\icm32.dll
2017-04-14 16:55 - 2017-02-09 11:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2017-04-14 16:55 - 2017-02-09 10:51 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WcsPlugInService.dll
2017-04-14 16:55 - 2017-02-06 11:14 - 00733696 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-04-14 16:55 - 2017-01-18 10:36 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:36 - 00011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-14 16:55 - 2017-01-18 10:35 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-14 16:55 - 2017-01-13 13:00 - 00976896 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-04-14 16:55 - 2017-01-13 13:00 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\INETRES.dll
2017-04-14 16:55 - 2017-01-13 12:45 - 00741888 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-04-14 16:55 - 2017-01-13 12:45 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\INETRES.dll
2017-04-14 16:55 - 2017-01-11 13:01 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2017-04-14 16:55 - 2017-01-11 12:43 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2017-04-14 16:55 - 2016-11-21 13:12 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2017-04-14 16:55 - 2016-11-20 11:19 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2017-04-14 16:55 - 2016-11-20 09:07 - 00467392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2017-04-14 16:55 - 2016-11-17 11:41 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2017-04-14 16:55 - 2016-11-10 11:32 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2017-04-14 16:55 - 2016-11-10 11:19 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2017-04-14 16:55 - 2016-11-09 11:41 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2017-04-14 16:55 - 2016-11-09 11:33 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2017-04-14 16:55 - 2016-11-09 11:33 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2017-04-14 16:55 - 2016-11-09 11:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2017-04-14 16:55 - 2016-11-09 11:02 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2017-04-14 16:55 - 2016-11-09 10:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2017-04-14 16:55 - 2016-10-11 10:32 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2017-04-14 16:55 - 2016-10-11 10:31 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\IMJP10.IME
2017-04-14 16:55 - 2016-10-11 10:31 - 01068544 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2017-04-14 16:55 - 2016-10-11 10:31 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2017-04-14 16:55 - 2016-10-11 10:31 - 00457216 _____ (Microsoft Corporation) C:\windows\system32\imkr80.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00246784 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2017-04-14 16:55 - 2016-10-11 10:31 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\tintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\quick.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\qintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\phon.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\cintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\chajei.ime
2017-04-14 16:55 - 2016-10-11 10:31 - 00132608 _____ (Microsoft Corporation) C:\windows\system32\pintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 01027584 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10.IME
2017-04-14 16:55 - 2016-10-11 10:18 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2017-04-14 16:55 - 2016-10-11 10:18 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2017-04-14 16:55 - 2016-10-11 10:18 - 00430080 _____ (Microsoft Corporation) C:\windows\SysWOW64\imkr80.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00202240 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2017-04-14 16:55 - 2016-10-11 10:18 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\tintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\quick.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\phon.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\cintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\chajei.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\pintlgnt.ime
2017-04-14 16:55 - 2016-10-11 10:18 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2017-04-14 16:55 - 2016-10-11 09:55 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
2017-04-14 16:55 - 2016-10-11 08:18 - 00419648 _____ C:\windows\SysWOW64\locale.nls
2017-04-14 16:55 - 2016-10-11 08:17 - 00419648 _____ C:\windows\system32\locale.nls
2017-04-14 16:55 - 2016-10-08 08:06 - 00633296 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2017-04-14 16:55 - 2016-10-07 10:32 - 03649536 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2017-04-14 16:55 - 2016-10-07 10:32 - 00877056 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2017-04-14 16:55 - 2016-10-07 10:12 - 02291712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2017-04-14 16:55 - 2016-10-07 10:12 - 00581632 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2017-04-14 16:55 - 2016-10-05 09:54 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2017-04-14 16:55 - 2016-10-04 10:31 - 01483264 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2017-04-14 16:55 - 2016-10-04 10:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2017-04-14 16:55 - 2016-10-04 10:31 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2017-04-14 16:55 - 2016-10-04 10:31 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 01176064 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2017-04-14 16:55 - 2016-10-04 10:13 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2017-04-14 16:55 - 2016-09-15 09:56 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2017-04-14 16:55 - 2016-09-12 16:08 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\adsmsext.dll
2017-04-14 16:55 - 2016-09-12 15:49 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsmsext.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2017-04-14 16:55 - 2016-09-08 15:34 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2017-04-14 16:55 - 2016-09-08 09:55 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2017-04-14 16:55 - 2016-09-08 09:55 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2017-04-14 16:55 - 2016-08-22 11:19 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2017-04-14 16:55 - 2016-08-12 12:02 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2017-04-14 16:55 - 2016-08-12 12:02 - 12574720 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2017-04-14 16:55 - 2016-08-12 12:02 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2017-04-14 16:55 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2017-04-14 16:55 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2017-04-14 16:55 - 2016-08-12 11:47 - 12574208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2017-04-14 16:55 - 2016-08-12 11:47 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2017-04-14 16:55 - 2016-08-12 11:31 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2017-04-14 16:55 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2017-04-14 16:55 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2017-04-14 16:55 - 2016-08-12 11:26 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 02023424 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00347136 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00310784 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\WsmRes.dll
2017-04-14 16:55 - 2016-08-06 10:31 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\wsmplpxy.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 01178112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00249344 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2017-04-14 16:55 - 2016-08-06 10:15 - 00054272 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmRes.dll
2017-04-14 16:55 - 2016-08-06 10:01 - 00266752 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2017-04-14 16:55 - 2016-08-06 10:01 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\wsmprovhost.exe
2017-04-14 16:55 - 2016-08-06 09:53 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2017-04-14 16:55 - 2016-08-06 09:53 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsmprovhost.exe
2017-04-14 16:55 - 2016-08-06 09:53 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsmplpxy.dll
2017-04-14 16:55 - 2016-06-14 12:21 - 00094440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2017-04-14 16:55 - 2016-06-14 12:16 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 01068544 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00680448 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00499712 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00440320 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00433152 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00081920 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2017-04-14 16:55 - 2016-06-14 12:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2017-04-14 16:55 - 2016-06-14 12:11 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2017-04-14 16:55 - 2016-06-14 10:21 - 03209216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00195072 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2017-04-14 16:55 - 2016-06-14 10:21 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2017-04-14 16:55 - 2016-06-14 10:15 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2017-04-14 16:55 - 2016-06-14 10:15 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2017-04-14 16:55 - 2016-06-14 10:15 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2017-04-14 16:55 - 2016-06-14 10:05 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2017-04-14 16:55 - 2016-06-14 10:05 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2017-04-14 16:55 - 2016-06-14 10:00 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2017-04-14 16:55 - 2016-06-14 10:00 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2017-04-14 16:55 - 2016-05-12 08:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2017-04-14 16:55 - 2016-05-12 08:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2017-04-14 16:55 - 2016-03-23 17:43 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2017-04-14 16:55 - 2016-03-23 17:40 - 03181568 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2017-04-14 16:55 - 2016-03-23 17:40 - 00546656 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2017-04-14 16:55 - 2016-03-23 17:40 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2017-04-14 16:54 - 2017-02-11 11:33 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2017-04-14 16:54 - 2017-02-11 11:16 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2017-04-14 16:54 - 2017-01-11 13:01 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2017-04-14 16:54 - 2017-01-11 12:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2017-04-14 16:53 - 2015-07-14 22:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2017-04-14 16:52 - 2016-01-22 01:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2017-04-14 16:52 - 2016-01-22 01:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2017-04-14 16:52 - 2016-01-22 01:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2017-04-14 16:52 - 2016-01-22 01:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2017-04-14 16:51 - 2015-12-08 16:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2017-04-14 16:51 - 2015-12-08 16:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2017-04-14 16:51 - 2015-12-08 16:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2017-04-14 16:51 - 2015-12-08 16:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2017-04-14 16:51 - 2015-12-08 16:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2017-04-14 16:51 - 2015-12-08 16:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2017-04-14 16:51 - 2015-12-08 14:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2017-04-14 16:51 - 2015-12-08 14:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2017-04-14 16:51 - 2015-12-08 14:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2017-04-14 16:51 - 2015-12-08 13:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2017-04-14 16:51 - 2015-12-08 13:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2017-04-14 16:51 - 2015-12-08 13:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2017-04-14 16:51 - 2015-07-22 19:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2017-04-14 16:51 - 2015-07-22 12:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2017-04-14 16:51 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2017-04-14 16:51 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2017-04-14 16:50 - 2017-02-22 18:42 - 00084712 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-04-14 16:50 - 2017-02-22 18:37 - 01285632 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-04-14 16:50 - 2017-02-18 09:05 - 01609216 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-04-14 16:50 - 2017-02-18 09:05 - 00646656 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00233984 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-04-14 16:50 - 2016-12-31 10:36 - 00133632 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-04-14 16:50 - 2016-03-23 17:40 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2017-04-14 16:50 - 2015-05-25 13:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2017-04-14 16:50 - 2015-05-25 13:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2017-04-14 16:50 - 2015-05-25 13:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2017-04-14 16:50 - 2015-05-25 13:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2017-04-14 16:50 - 2015-05-25 13:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2017-04-14 16:50 - 2015-05-25 13:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2017-04-14 16:49 - 2015-07-15 13:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2017-04-14 16:47 - 2015-10-29 12:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2017-04-14 16:47 - 2015-10-29 12:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2017-04-14 16:47 - 2015-10-29 12:49 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2017-04-14 16:47 - 2015-10-29 12:49 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2017-04-14 16:47 - 2014-08-28 21:06 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2017-04-14 16:47 - 2014-08-28 20:44 - 01050112 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2017-04-14 16:46 - 2016-03-16 13:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2017-04-14 16:46 - 2016-03-16 13:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2017-04-14 16:46 - 2016-03-16 13:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2017-04-14 16:46 - 2015-07-16 14:12 - 04922368 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2017-04-14 16:46 - 2015-07-16 14:12 - 00269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2017-04-14 16:46 - 2015-07-16 14:12 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2017-04-14 16:46 - 2015-07-16 14:11 - 05779456 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2017-04-14 16:46 - 2015-07-16 14:11 - 00322560 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2017-04-14 16:46 - 2015-07-16 14:11 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2017-04-14 16:46 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2017-04-14 16:45 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2017-04-14 16:45 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2017-04-14 16:45 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2017-04-14 16:45 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2017-04-14 16:45 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2017-04-14 16:45 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2017-04-14 16:45 - 2012-04-26 00:41 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\rdpwsx.dll
2017-04-14 16:45 - 2012-04-26 00:34 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\rdrmemptylst.exe
2017-04-14 16:44 - 2016-02-02 13:57 - 00511488 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2017-04-14 16:44 - 2015-06-01 19:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2017-04-14 16:44 - 2015-06-01 18:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2017-04-14 16:43 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-04-14 16:43 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-04-14 16:42 - 2016-05-11 12:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2017-04-14 16:42 - 2016-05-11 12:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2017-04-14 16:42 - 2016-05-11 12:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2017-04-14 16:42 - 2016-05-11 10:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2017-04-14 16:42 - 2016-05-11 10:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2017-04-14 16:42 - 2016-05-11 10:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2017-04-14 16:42 - 2016-05-11 10:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2017-04-14 16:42 - 2016-05-11 10:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2017-04-14 16:42 - 2016-05-11 09:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2017-04-14 16:42 - 2016-02-05 13:56 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll
2017-04-14 16:42 - 2016-02-05 13:54 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2017-04-14 16:42 - 2016-02-05 12:33 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll
2017-04-14 16:42 - 2015-12-08 16:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2017-04-14 16:42 - 2015-12-08 14:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2017-04-14 16:42 - 2015-11-11 13:53 - 01735680 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2017-04-14 16:42 - 2015-11-11 13:53 - 00525312 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2017-04-14 16:42 - 2015-11-11 13:39 - 01242624 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2017-04-14 16:42 - 2015-11-11 13:39 - 00487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2017-04-14 16:42 - 2015-07-09 12:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2017-04-14 16:42 - 2015-07-09 12:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2017-04-14 16:42 - 2015-07-09 12:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2017-04-14 16:42 - 2015-07-09 12:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2017-04-14 16:42 - 2015-06-03 15:21 - 00451080 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2017-04-14 16:42 - 2015-02-02 22:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2017-04-14 16:42 - 2015-02-02 22:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2017-04-14 16:42 - 2012-10-03 12:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2017-04-14 16:42 - 2012-10-03 12:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2017-04-14 16:42 - 2012-10-03 12:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2017-04-14 16:42 - 2011-05-04 00:25 - 02315776 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 02223616 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00491520 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00288256 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2017-04-14 16:42 - 2011-05-04 00:22 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2017-04-14 16:42 - 2011-05-04 00:19 - 00591872 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-04-14 16:42 - 2011-05-04 00:19 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2017-04-14 16:42 - 2011-05-04 00:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2017-04-14 16:42 - 2011-05-03 23:34 - 01549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 01401344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2017-04-14 16:42 - 2011-05-03 23:32 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
2017-04-14 16:42 - 2011-05-03 23:28 - 00427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-04-14 16:42 - 2011-05-03 23:28 - 00164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2017-04-14 16:42 - 2011-05-03 23:28 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2017-04-14 16:41 - 2016-08-29 10:31 - 14183424 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-04-14 16:41 - 2016-08-29 10:31 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2017-04-14 16:41 - 2016-08-29 10:12 - 12880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-04-14 16:41 - 2016-08-29 10:12 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2017-04-14 16:41 - 2016-08-29 10:04 - 03229696 _____ (Microsoft Corporation) C:\windows\explorer.exe
2017-04-14 16:41 - 2016-08-29 09:55 - 02972672 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2017-04-14 16:41 - 2016-02-09 04:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2017-04-14 16:41 - 2015-04-24 13:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2017-04-14 16:41 - 2015-04-24 12:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2017-04-14 16:41 - 2012-10-03 12:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2017-04-14 16:41 - 2012-10-03 12:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2017-04-14 16:41 - 2012-10-03 11:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2017-04-14 16:41 - 2012-10-03 11:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2017-04-14 16:40 - 2016-05-12 12:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2017-04-14 16:40 - 2016-05-12 12:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2017-04-14 16:40 - 2016-05-12 12:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2017-04-14 16:40 - 2016-05-12 10:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2017-04-14 16:40 - 2016-03-09 14:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2017-04-14 16:40 - 2016-03-09 13:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2017-04-14 16:40 - 2015-08-27 13:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2017-04-14 16:40 - 2015-08-27 13:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2017-04-14 16:40 - 2015-08-27 12:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2017-04-14 16:40 - 2015-08-27 12:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2017-04-14 16:40 - 2012-10-09 13:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2017-04-14 16:40 - 2012-10-09 13:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2017-04-14 16:40 - 2012-10-09 12:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2017-04-14 16:40 - 2012-10-09 12:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2017-04-14 16:40 - 2012-01-04 05:44 - 00509952 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll
2017-04-14 16:40 - 2012-01-04 03:58 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00212992 _____ (Microsoft Corporation) C:\windows\system32\odbctrac.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\odbccp32.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\odbccu32.dll
2017-04-14 16:40 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\odbccr32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00319488 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcjt32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbctrac.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00122880 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccp32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccu32.dll
2017-04-14 16:40 - 2011-06-15 03:55 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccr32.dll
2017-04-14 16:40 - 2011-04-09 01:58 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2017-04-14 16:40 - 2011-04-09 00:56 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2017-04-14 16:40 - 2011-03-11 01:34 - 01395712 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2017-04-14 16:40 - 2011-03-11 01:34 - 01359872 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2017-04-14 16:40 - 2011-03-11 00:33 - 01164288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll
2017-04-14 16:40 - 2011-03-11 00:33 - 01137664 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00970240 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00344576 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
2017-04-14 16:39 - 2016-06-25 19:27 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\inetppui.dll
2017-04-14 16:39 - 2016-06-25 14:53 - 00297472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2017-04-14 16:39 - 2016-06-25 14:53 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\ntprint.exe
2017-04-14 16:39 - 2016-06-25 14:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wpnpinst.exe
2017-04-14 16:39 - 2016-06-25 14:41 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.exe
2017-04-14 16:39 - 2016-02-03 13:07 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2017-04-14 16:39 - 2016-01-20 19:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2017-04-14 16:39 - 2015-10-12 23:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2017-04-14 16:39 - 2015-08-05 12:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2017-04-14 16:39 - 2015-04-12 22:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2017-04-14 16:39 - 2015-04-10 22:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2017-04-14 16:39 - 2015-02-24 22:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2017-04-14 16:39 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2017-04-14 16:39 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2017-04-14 16:39 - 2012-08-21 16:01 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\OxpsConverter.exe
2017-04-14 16:39 - 2011-08-17 00:26 - 00613888 _____ (Microsoft Corporation) C:\windows\system32\psisdecd.dll
2017-04-14 16:39 - 2011-08-17 00:25 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\psisrndr.ax
2017-04-14 16:39 - 2011-08-16 23:24 - 00465408 _____ (Microsoft Corporation) C:\windows\SysWOW64\psisdecd.dll
2017-04-14 16:39 - 2011-08-16 23:19 - 00075776 _____ (Microsoft Corporation) C:\windows\SysWOW64\psisrndr.ax
2017-04-14 16:39 - 2011-06-16 00:49 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\xmllite.dll
2017-04-14 16:39 - 2011-06-15 23:33 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\xmllite.dll
2017-04-14 16:39 - 2010-12-23 05:42 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\sbe.dll
2017-04-14 16:39 - 2010-12-23 05:36 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2017-04-14 16:39 - 2010-12-23 00:54 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\sbe.dll
2017-04-14 16:39 - 2010-12-23 00:50 - 00199680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2017-04-14 16:38 - 2016-07-07 10:36 - 01896168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-04-14 16:38 - 2016-07-07 10:36 - 00377576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2017-04-14 16:38 - 2016-07-07 10:36 - 00287976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-04-14 16:38 - 2016-07-07 10:08 - 00046080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2017-04-14 16:38 - 2016-03-09 13:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2017-04-14 16:38 - 2016-03-09 13:34 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2017-04-14 16:38 - 2016-02-04 20:19 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2017-04-14 16:38 - 2016-02-04 13:41 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2017-04-14 16:38 - 2016-01-11 14:11 - 01684416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-04-14 16:38 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2017-04-14 16:38 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2017-04-14 16:38 - 2015-11-13 18:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2017-04-14 16:38 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2017-04-14 16:38 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2017-04-14 16:38 - 2015-11-13 17:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2017-04-14 16:38 - 2015-10-13 11:41 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2017-04-14 16:38 - 2015-10-13 11:40 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-04-14 16:38 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2017-04-14 16:38 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2017-04-14 16:38 - 2015-07-09 12:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2017-04-14 16:38 - 2015-01-28 22:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2017-04-14 16:38 - 2015-01-28 22:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2017-04-14 16:38 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2017-04-14 16:38 - 2014-12-11 12:47 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2017-04-14 16:38 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2017-04-14 16:38 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2017-04-14 16:38 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2017-04-14 16:38 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2017-04-14 16:38 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2017-04-14 16:38 - 2012-07-04 15:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys
2017-04-14 16:38 - 2012-03-17 02:58 - 00075120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys
2017-04-14 16:38 - 2011-03-03 01:24 - 00357888 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2017-04-14 16:38 - 2011-03-03 01:24 - 00183296 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2017-04-14 16:38 - 2011-03-03 01:21 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\dnscacheugc.exe
2017-04-14 16:38 - 2011-03-03 00:38 - 00270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2017-04-14 16:38 - 2011-03-03 00:36 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnscacheugc.exe
2017-04-14 16:37 - 2016-05-11 12:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2017-04-14 16:37 - 2016-05-11 10:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2017-04-14 16:37 - 2015-11-05 14:05 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wshrm.dll
2017-04-14 16:37 - 2015-11-05 14:02 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshrm.dll
2017-04-14 16:37 - 2015-11-05 04:53 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2017-04-14 16:37 - 2015-11-03 14:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2017-04-14 16:37 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2017-04-14 16:37 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2017-04-14 16:37 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2017-04-14 16:37 - 2011-12-30 01:26 - 00515584 _____ (Microsoft Corporation) C:\windows\system32\timedate.cpl
2017-04-14 16:37 - 2011-12-30 00:27 - 00478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\timedate.cpl
2017-04-14 16:10 - 2015-03-03 23:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2017-04-14 16:10 - 2015-03-03 23:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2017-04-14 15:56 - 2017-04-14 15:56 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-05 23:41 - 2017-04-05 23:42 - 302321388 _____ C:\Users\Kenny\Downloads\MD 500 Start up, flight, and shut down (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 23:31 - 2017-04-05 23:31 - 12467357 _____ C:\Users\Kenny\Downloads\MD 500 Start up, flight, and shut down (192kbit_AAC).m4a
2017-04-05 23:30 - 2017-04-05 23:30 - 00000068 _____ C:\Users\Kenny\Downloads\MD 500 Start up, flight, and shut down (Description).txt
2017-04-05 22:55 - 2017-04-05 22:55 - 67769383 _____ C:\Users\Kenny\Downloads\Panama City Beach Helicopter Tour (480p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:51 - 2017-04-05 22:51 - 11271280 _____ C:\Users\Kenny\Downloads\Panama City Beach and Shell Island Heli Ride (152kbit_Opus).ogg
2017-04-05 22:50 - 2017-04-05 22:50 - 08342733 _____ C:\Users\Kenny\Downloads\Panama City Beach Helicopter Tour (128kbit_AAC).m4a
2017-04-05 22:50 - 2017-04-05 22:50 - 07782289 _____ C:\Users\Kenny\Downloads\Helicopter ride - Panama City Beach Florida (192kbit_AAC).m4a
2017-04-05 22:49 - 2017-04-05 22:49 - 00000111 _____ C:\Users\Kenny\Downloads\Panama City Beach Helicopter Tour (Description).txt
2017-04-05 22:48 - 2017-04-05 22:50 - 166914741 _____ C:\Users\Kenny\Downloads\Panama City Beach and Shell Island Heli Ride (720p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:48 - 2017-04-05 22:49 - 109776105 _____ C:\Users\Kenny\Downloads\Helicopter ride - Panama City Beach Florida (720p_30fps_H264-192kbit_AAC).mp4
2017-04-05 22:48 - 2017-04-05 22:48 - 00000099 _____ C:\Users\Kenny\Downloads\Panama City Beach and Shell Island Heli Ride (Description).txt
2017-04-05 22:48 - 2017-04-05 22:48 - 00000099 _____ C:\Users\Kenny\Downloads\Helicopter ride - Panama City Beach Florida (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 22397676 _____ C:\Users\Kenny\Downloads\Time Vortex V2 - Free FX_Stuff (1080p_25fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 02674695 _____ C:\Users\Kenny\Downloads\old film look dirty lenses - HD overlay (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 02669174 _____ C:\Users\Kenny\Downloads\colored old film look with scratches - HD overlay (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 02630944 _____ C:\Users\Kenny\Downloads\Space Time Vortex loop (720p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 01692670 _____ C:\Users\Kenny\Downloads\flickering simple old film look - HD overlay (1080p_30fps_H264-128kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 00953909 _____ C:\Users\Kenny\Downloads\Time Vortex V2 - Free FX_Stuff (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00346925 _____ C:\Users\Kenny\Downloads\Lens Flare Flash Transition - Free Overlay Stock Footage (720p_30fps_H264-192kbit_AAC).mp4
2017-04-05 22:42 - 2017-04-05 22:42 - 00146128 _____ C:\Users\Kenny\Downloads\Space Time Vortex loop (128kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00080545 _____ C:\Users\Kenny\Downloads\flickering simple old film look - HD overlay (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00080540 _____ C:\Users\Kenny\Downloads\old film look dirty lenses - HD overlay (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00080181 _____ C:\Users\Kenny\Downloads\colored old film look with scratches - HD overlay (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00041119 _____ C:\Users\Kenny\Downloads\Lens Flare Flash Transition - Free Overlay Stock Footage (192kbit_AAC).m4a
2017-04-05 22:42 - 2017-04-05 22:42 - 00001126 _____ C:\Users\Kenny\Downloads\colored old film look with scratches - HD overlay (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00001120 _____ C:\Users\Kenny\Downloads\flickering simple old film look - HD overlay (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000985 _____ C:\Users\Kenny\Downloads\old film look dirty lenses - HD overlay (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000196 _____ C:\Users\Kenny\Downloads\Space Time Vortex loop (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000152 _____ C:\Users\Kenny\Downloads\Time Vortex V2 - Free FX_Stuff (Description).txt
2017-04-05 22:42 - 2017-04-05 22:42 - 00000115 _____ C:\Users\Kenny\Downloads\Lens Flare Flash Transition - Free Overlay Stock Footage (Description).txt
2017-04-05 22:23 - 2017-04-05 22:23 - 121397723 _____ C:\Users\Kenny\Downloads\Hey Joe 70yo Czech Rocker.mp4
2017-04-05 21:31 - 2017-04-05 21:31 - 00000000 ____D C:\Users\Kenny\Documents\Screencast-O-Matic
2017-04-03 14:37 - 2017-04-03 14:42 - 00000000 ____D C:\Users\Kenny\Downloads\Corel_DRAW_X5_Portable
2017-04-03 14:37 - 2017-04-03 14:37 - 00000000 ____D C:\windows\XSxS
2017-04-03 14:33 - 2017-04-03 14:35 - 219384929 _____ C:\Users\Kenny\Downloads\Corel_DRAW_X5_Portable.rar
2017-04-02 23:02 - 2017-04-02 23:02 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Video File Converter.lnk
2017-04-02 20:54 - 2017-04-02 20:54 - 00262144 _____ C:\windows\Minidump\040217-28282-01.dmp
2017-04-02 20:44 - 2017-04-02 20:44 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2017-04-02 20:44 - 2017-04-02 20:44 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2017-04-02 20:40 - 2017-04-02 20:40 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2017-04-02 20:40 - 2017-04-02 20:40 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2017-04-02 20:34 - 2017-04-02 20:34 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2017-04-02 20:32 - 2017-04-02 20:32 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2017-04-02 20:32 - 2017-04-02 20:32 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2017-04-02 20:32 - 2017-04-02 20:32 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2017-04-02 20:32 - 2017-04-02 20:32 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll
2017-04-02 20:32 - 2017-04-02 20:32 - 00000003 _____ C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2017-04-02 20:28 - 2017-04-02 20:28 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2017-04-02 20:28 - 2017-04-02 20:28 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2017-04-02 20:28 - 2017-04-02 20:28 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2017-04-02 20:28 - 2017-04-02 20:28 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2017-04-02 20:28 - 2017-04-02 20:28 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2017-04-02 20:19 - 2017-04-02 21:03 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\LflhvyQg
2017-04-02 20:19 - 2017-04-02 20:19 - 02710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\ZLIBXTl.exe
2017-04-02 20:19 - 2017-04-02 20:19 - 00129536 _____ C:\Users\Kenny\AppData\Roaming\jhProtominer.exe
2017-04-02 20:17 - 2014-02-18 15:33 - 02710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\Lil.Gaping.Lesbians.3.XXX.1080p.WEBRiP.x264-TBP.exe
2017-04-02 20:06 - 2017-04-02 20:06 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2017-04-02 20:06 - 2017-04-02 20:06 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2017-04-02 19:56 - 2017-04-02 19:56 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2017-04-02 19:56 - 2017-04-02 19:56 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2017-04-02 19:55 - 2017-04-02 19:55 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2017-04-02 19:55 - 2017-04-02 19:55 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2017-04-02 19:55 - 2017-04-02 19:55 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2017-04-02 19:55 - 2017-04-02 19:55 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2017-04-02 19:55 - 2017-04-02 19:55 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2017-04-02 19:54 - 2017-04-02 19:54 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-04-02 19:54 - 2017-04-02 19:54 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-04-02 19:53 - 2017-04-02 19:53 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2017-04-02 19:53 - 2017-04-02 19:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2017-04-02 19:52 - 2017-04-02 19:52 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2017-04-02 19:52 - 2017-04-02 19:52 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2017-04-02 19:43 - 2017-04-02 19:43 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2017-04-02 19:43 - 2017-04-02 19:43 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2017-04-02 19:42 - 2017-04-02 19:42 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2017-04-02 19:42 - 2017-04-02 19:42 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2017-04-02 19:42 - 2017-04-02 19:42 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2017-04-02 19:42 - 2017-04-02 19:42 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2017-04-02 19:41 - 2017-04-02 19:41 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2017-04-02 19:41 - 2017-04-02 19:41 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2017-04-02 19:40 - 2017-04-02 19:40 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2017-04-02 19:40 - 2017-04-02 19:40 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2017-04-02 19:40 - 2017-04-02 19:40 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2017-04-02 19:40 - 2017-04-02 19:40 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2017-04-02 19:40 - 2017-04-02 19:40 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2017-04-02 19:39 - 2017-04-02 19:39 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2017-04-02 19:39 - 2017-04-02 19:39 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2017-04-02 19:36 - 2017-04-02 19:36 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2017-04-02 19:36 - 2017-04-02 19:36 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2017-04-02 19:34 - 2017-04-02 19:34 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2017-04-02 19:34 - 2017-04-02 19:34 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
2017-04-02 19:34 - 2017-04-02 19:34 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2017-04-02 19:28 - 2017-04-02 19:28 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2017-04-02 19:28 - 2017-04-02 19:28 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2017-04-02 19:28 - 2017-04-02 19:28 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll
2017-04-02 19:28 - 2017-04-02 19:28 - 00000003 _____ C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2017-04-02 19:27 - 2017-04-02 19:27 - 00109824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2017-04-02 19:27 - 2017-04-02 19:27 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00384000 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2017-04-02 19:26 - 2017-04-02 19:26 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbGD.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2017-04-02 19:26 - 2017-04-02 19:26 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00016896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2017-04-02 19:26 - 2017-04-02 19:26 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-04-02 19:22 - 2017-04-02 19:22 - 01192448 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2017-04-02 19:22 - 2017-04-02 19:22 - 00903168 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2017-04-02 19:22 - 2017-04-02 19:22 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll
2017-04-02 19:22 - 2017-04-02 19:22 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll
2017-04-02 19:10 - 2017-04-02 19:10 - 02565632 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2017-04-02 19:10 - 2017-04-02 19:10 - 01699328 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2017-04-02 19:10 - 2017-04-02 19:10 - 00410496 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorV.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00166272 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvstor.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00148352 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvraid.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00107904 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdsata.sys
2017-04-02 19:10 - 2017-04-02 19:10 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\fsutil.exe
2017-04-02 19:10 - 2017-04-02 19:10 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\fsutil.exe
2017-04-02 19:10 - 2017-04-02 19:10 - 00027008 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdxata.sys
2017-04-02 19:03 - 2017-04-02 19:03 - 43868160 _____ C:\windows\system32\config\COMPONENTS.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 117964800 _____ C:\windows\system32\config\SOFTWARE.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 00323584 _____ C:\windows\system32\config\DEFAULT.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 00028672 _____ C:\windows\system32\config\SECURITY.iobit
2017-04-02 19:03 - 2017-04-02 19:03 - 00024576 _____ C:\windows\system32\config\SAM.iobit
2017-04-02 18:49 - 2017-04-02 18:49 - 00262144 _____ C:\windows\Minidump\040217-21824-01.dmp
2017-04-02 18:38 - 2017-04-16 19:08 - 00000000 ____D C:\GetNZB Downloads
2017-04-02 18:37 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\GetNZB
2017-04-02 18:37 - 2017-04-02 18:37 - 00000979 _____ C:\Users\Kenny\Desktop\GetNZB.lnk
2017-04-02 18:37 - 2017-04-02 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetNZB
2017-04-02 18:37 - 2017-04-02 18:37 - 00000000 ____D C:\Program Files (x86)\GetNZB
2017-03-29 19:04 - 2017-03-29 19:04 - 00833024 ____N C:\windows\system32\tprdpw32.exe
2017-03-28 18:22 - 2017-03-28 18:22 - 06113439 _____ (InstallShield Software Corporation) C:\Users\Kenny\Downloads\pci_filerecovery.exe
2017-03-28 18:14 - 2017-03-28 18:14 - 00000000 ____D C:\Program Files\EaseUS
2017-03-28 18:13 - 2017-03-28 18:13 - 16918168 _____ (EaseUS ) C:\Users\Kenny\Downloads\UnDeleteFlashdrives_free.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-04-27 14:51 - 2009-07-13 23:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-27 14:51 - 2009-07-13 23:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-27 14:43 - 2016-10-02 12:25 - 00000250 _____ C:\windows\SysWOW64\PARTIZAN.TXT
2017-04-27 14:43 - 2009-07-14 00:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-04-26 22:48 - 2013-02-09 11:00 - 00000000 ____D C:\Program Files (x86)\Sony
2017-04-26 22:42 - 2015-08-03 22:30 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Photodex
2017-04-26 22:42 - 2013-05-21 18:03 - 00000000 ____D C:\ProgramData\Photodex
2017-04-26 22:39 - 2015-06-21 17:34 - 00000918 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA.job
2017-04-26 22:36 - 2016-09-30 21:01 - 00000000 ____D C:\Program Files\Corel
2017-04-26 22:35 - 2016-01-31 21:15 - 00000000 ____D C:\Program Files (x86)\NETGEAR Genie
2017-04-26 22:27 - 2015-07-04 14:20 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-26 22:24 - 2011-04-26 22:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-26 22:07 - 2012-10-08 19:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2017-04-26 22:03 - 2016-01-31 17:42 - 00000000 ____D C:\Program Files (x86)\IObit
2017-04-26 22:01 - 2016-01-31 17:42 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\IObit
2017-04-26 22:01 - 2016-01-31 17:42 - 00000000 ____D C:\ProgramData\IObit
2017-04-26 21:59 - 2015-07-13 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-04-26 21:58 - 2016-10-19 15:38 - 00000000 ____D C:\Program Files (x86)\HostsMan
2017-04-26 21:57 - 2016-10-19 15:38 - 00000000 ____D C:\ProgramData\abelhadigital.com
2017-04-26 21:55 - 2017-01-02 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-04-26 21:52 - 2012-06-29 10:08 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Corel
2017-04-26 21:36 - 2012-06-27 09:15 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Autodesk
2017-04-26 21:36 - 2012-06-27 09:15 - 00000000 ____D C:\ProgramData\Autodesk
2017-04-26 21:30 - 2015-12-06 18:41 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-04-26 20:56 - 2011-04-26 22:10 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-04-26 20:54 - 2015-02-14 00:22 - 00000000 ____D C:\Program Files (x86)\Hp
2017-04-23 17:38 - 2015-06-21 17:34 - 00000866 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core.job
2017-04-23 15:20 - 2012-07-02 15:29 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\vlc
2017-04-23 14:05 - 2009-07-13 22:20 - 00000000 ____D C:\windows\rescache
2017-04-17 22:02 - 2016-10-02 12:21 - 00000000 ____D C:\@RestoreQuarantine
2017-04-17 21:59 - 2016-10-02 12:07 - 00000000 ____D C:\ProgramData\RegRun
2017-04-17 21:58 - 2016-10-02 12:07 - 00000000 ____D C:\Users\Kenny\Documents\RegRun2
2017-04-17 21:27 - 2016-02-20 10:47 - 488997878 _____ C:\windows\MEMORY.DMP
2017-04-17 21:27 - 2013-01-13 21:54 - 00000000 ____D C:\windows\Minidump
2017-04-16 23:21 - 2016-10-02 12:07 - 00000002 RSHOT C:\windows\winstart.bat
2017-04-16 23:21 - 2016-10-02 12:07 - 00000002 RSHOT C:\windows\SysWOW64\CONFIG.NT
2017-04-16 23:21 - 2016-10-02 12:07 - 00000002 RSHOT C:\windows\SysWOW64\AUTOEXEC.NT
2017-04-16 23:01 - 2017-01-01 23:27 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2017-04-16 21:14 - 2016-01-17 22:22 - 00196608 _____ C:\windows\system32\Ikeext.etl
2017-04-16 21:14 - 2013-06-05 19:57 - 00000000 ____D C:\windows\pss
2017-04-16 20:44 - 2015-12-26 21:55 - 05659609 _____ (Swearware) C:\Users\Kenny\Downloads\ComboFix.exe
2017-04-16 20:40 - 2009-07-14 00:13 - 00786538 _____ C:\windows\system32\PerfStringBackup.INI
2017-04-16 20:40 - 2009-07-13 22:20 - 00000000 ____D C:\windows\inf
2017-04-16 20:03 - 2016-01-31 12:09 - 00003124 _____ C:\windows\System32\Tasks\{6618530A-560B-4136-82EB-2E8979DE6D95}
2017-04-16 20:03 - 2014-01-27 15:04 - 00003154 _____ C:\windows\System32\Tasks\{99F84928-9C99-4DFE-94A4-FB79570C1AE2}
2017-04-16 20:03 - 2014-01-27 15:03 - 00003166 _____ C:\windows\System32\Tasks\{048B4976-5B81-48B3-A6F2-91FC9C6269E5}
2017-04-16 20:03 - 2013-06-05 21:38 - 00003220 _____ C:\windows\System32\Tasks\{1CC3D729-422B-4EE8-8348-80E3433E63E2}
2017-04-16 20:03 - 2013-04-08 21:02 - 00003086 _____ C:\windows\System32\Tasks\{D4C2A86B-4FC4-4678-98F7-EE4CE217B530}
2017-04-16 20:03 - 2012-08-04 10:16 - 00003340 _____ C:\windows\System32\Tasks\{142C1CAB-A67B-4FA3-B351-446F55D67809}
2017-04-16 20:03 - 2012-07-07 14:58 - 00003122 _____ C:\windows\System32\Tasks\{BE62F7AB-7315-4EA5-A56A-16A7E99FAD93}
2017-04-16 20:02 - 2016-10-18 14:55 - 00003318 _____ C:\windows\System32\Tasks\CorelUpdateHelperTaskCore
2017-04-16 19:55 - 2014-09-23 16:42 - 00000000 ___RD C:\Users\Kenny\Dropbox
2017-04-16 14:59 - 2017-01-30 23:44 - 00000000 ____D C:\HSBC
2017-04-16 14:07 - 2009-07-13 22:20 - 00000000 ____D C:\windows\tracing
2017-04-16 10:59 - 2014-05-26 20:13 - 00000000 ____D C:\Users\Kenny\AppData\Local\JDownloader v2.0
2017-04-16 10:58 - 2009-07-13 22:20 - 00000000 ____D C:\windows\AppCompat
2017-04-16 10:50 - 2016-11-23 13:14 - 00000000 ____D C:\Users\Kenny\AppData\LocalLow\Mozilla
2017-04-15 14:43 - 2015-03-05 14:30 - 00000000 ____D C:\Users\Kenny\AppData\LocalLow\LastPass
2017-04-14 19:53 - 2015-06-21 17:34 - 00000000 ____D C:\Users\Kenny\AppData\Local\Dropbox
2017-04-14 19:51 - 2012-06-23 22:40 - 00001413 _____ C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-14 19:41 - 2011-02-12 14:33 - 00000000 ____D C:\windows\Panther
2017-04-14 19:39 - 2009-07-13 23:45 - 05372656 _____ C:\windows\system32\FNTCACHE.DAT
2017-04-14 19:31 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\SysWOW64\Dism
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\Dism
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\PolicyDefinitions
2017-04-14 19:31 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2017-04-14 19:17 - 2017-02-28 20:04 - 00003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{1546F1F9-2877-4248-B890-1CDAB19F9F7B}
2017-04-14 18:20 - 2012-06-27 09:21 - 00778660 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2017-04-14 15:57 - 2014-09-23 16:37 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Dropbox
2017-04-14 15:52 - 2015-05-22 06:31 - 00032650 _____ C:\windows\Tasks\SCHEDLGU.TXT
2017-04-12 20:42 - 2012-06-24 00:38 - 00194848 _____ C:\Users\Kenny\AppData\Local\GDIPFONTCACHEV1.DAT
2017-04-10 21:00 - 2014-05-08 13:46 - 00003330 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf6aedda28f2f2
2017-04-10 21:00 - 2013-07-09 11:25 - 00003202 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore1ce7cc0e6462ed3
2017-04-10 15:00 - 2016-01-31 17:43 - 00000000 ____D C:\ProgramData\ProductData
2017-04-09 23:02 - 2013-06-02 16:52 - 00000000 ____D C:\windows\System32\Tasks\NCH Software
2017-04-09 19:59 - 2012-06-27 09:31 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-04-09 19:15 - 2017-02-10 18:28 - 00000000 ____D C:\BCHS
2017-04-09 12:45 - 2013-04-10 21:34 - 00000000 ____D C:\ProgramData\ESET
2017-04-09 12:45 - 2013-04-10 21:34 - 00000000 ____D C:\Program Files\ESET
2017-04-08 11:34 - 2017-01-02 00:04 - 00002096 _____ C:\Users\Kenny\Desktop\Advanced SystemCare 10.lnk
2017-04-03 23:34 - 2013-01-31 23:31 - 00000000 ____D C:\Art
2017-04-02 23:02 - 2017-03-10 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
2017-04-02 23:02 - 2017-03-10 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2017-04-02 20:55 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-02 20:55 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-30 19:40 - 2012-07-02 15:23 - 00091136 _____ C:\Users\Kenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-29 15:32 - 2012-12-28 11:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-28 18:23 - 2011-04-26 21:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-28 15:27 - 2016-11-18 16:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
 
==================== Files in the root of some directories =======
 
2015-05-30 21:45 - 2007-03-31 16:34 - 129165278 _____ (Corel Corporation) C:\Program Files\CorelDRW.exe
2012-10-08 21:43 - 2012-10-08 21:43 - 62664192 _____ () C:\Program Files\eset_nt64_enu.msi
2016-05-05 18:51 - 2016-05-05 18:51 - 1505408 _____ (Skype Technologies S.A.) C:\Program Files\SkypeSetup.exe
2015-03-05 14:30 - 2015-03-05 14:30 - 14242360 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-07-24 17:09 - 2016-07-24 17:09 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2014-03-13 08:30 - 2017-02-19 14:47 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe BMP Format CS5 Prefs
2013-12-15 12:42 - 2013-12-15 12:42 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-07-01 22:54 - 2017-03-25 16:52 - 0000132 _____ () C:\Users\Kenny\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-04-02 20:19 - 2017-04-02 20:19 - 0129536 _____ () C:\Users\Kenny\AppData\Roaming\jhProtominer.exe
2017-04-02 20:17 - 2014-02-18 15:33 - 2710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\Lil.Gaping.Lesbians.3.XXX.1080p.WEBRiP.x264-TBP.exe
2012-08-10 16:12 - 2012-08-10 16:40 - 0557056 _____ () C:\Users\Kenny\AppData\Roaming\SharedSettings.ccs
2017-04-02 20:19 - 2017-04-02 20:19 - 2710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\ZLIBXTl.exe
2012-07-02 15:23 - 2017-03-30 19:40 - 0091136 _____ () C:\Users\Kenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-03 20:56 - 2013-10-03 20:56 - 0000026 ____H () C:\ProgramData\.811261211181235583101118113995
2014-02-04 23:17 - 2016-10-02 12:33 - 0007289 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
2017-04-26 21:10 - 2013-11-25 12:30 - 0015752 _____ (Autodesk, Inc.) C:\Users\Kenny\AppData\Local\Temp\AcDeltree.exe
2017-04-26 20:59 - 2017-01-02 00:04 - 0178903 _____ () C:\Users\Kenny\AppData\Local\Temp\Uninstall.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\SysWOW64\wininit.exe => MD5 is legit
C:\windows\explorer.exe
[2017-04-14 16:41] - [2016-08-29 10:04] - 3229696 ____A (Microsoft Corporation) 38AE1B3C38FAEF56FE4907922F0385BA
 
C:\windows\SysWOW64\explorer.exe
[2017-04-14 16:41] - [2016-08-29 09:55] - 2972672 ____A (Microsoft Corporation) 6DDCA324434FFA506CF7DC4E51DB7935
 
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\SysWOW64\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll
[2017-04-14 16:55] - [2016-11-10 11:32] - 1009152 ____A (Microsoft Corporation) 34BA256FBF83457F9D5E51A56DB54542
 
C:\windows\SysWOW64\User32.dll
[2017-04-14 16:55] - [2016-11-10 11:19] - 0833024 ____A (Microsoft Corporation) 3CB074875AC88A7C1010A2A7F9881A8C
 
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\SysWOW64\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\dnsapi.dll => MD5 is legit
C:\windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit
 
LastRegBack: 2017-04-23 13:57
 
==================== End of FRST.txt ============================


#14 Ragnarviking

Ragnarviking
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 27 April 2017 - 03:36 PM

...and the Addition.txt file:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2017
Ran by Kenny (27-04-2017 14:56:54)
Running from H:\Antivirus
Windows 7 Home Premium Service Pack 1 (X64) (2012-06-24 03:39:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1182291490-1180826050-772089516-500 - Administrator - Disabled)
Guest (S-1-5-21-1182291490-1180826050-772089516-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1182291490-1180826050-772089516-1003 - Limited - Enabled)
Kenny (S-1-5-21-1182291490-1180826050-772089516-1001 - Administrator - Enabled) => C:\Users\Kenny
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3dsMaxDesign2015_SP2 3dsMaxDesign2015_SP2 (HKLM-x32\...\3dsMaxDesign2015_SP2 3dsMaxDesign2015_SP2) (Version: 3dsMaxDesign2015_SP2 - 3dsMaxDesign2015_SP2)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden
Best Buy pc app (x32 Version: 3.2.0.0 - Best Buy) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C5100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c5100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.3.1114 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 17.1.572 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Capture (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Common (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Common Apps (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Connect (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Core (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Custom Data (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Designer (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Draw (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - EN (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Filters (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - FontNav (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - IPM (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - IPM Content (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - PHOTO-PAINT (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Photozoom Plugin (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Redist (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Setup Files (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VBA (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VideoBrowser (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VSTA (x64) (Version: 16.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Writing Tools (x64) (Version: 16.4 -  Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Document Capture Pro (HKLM-x32\...\{C3C7DD77-6034-48A4-BE26-7F10F7357228}) (Version: 1.00.0004 - Seiko Epson Corporation)
Dropbox (HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Dropbox) (Version: 23.4.19 - Dropbox, Inc.)
EasyLog USB (HKLM-x32\...\{073136C3-4A9F-4300-BDEA-8BB3FFD66962}) (Version: 7.2.0 - Lascar Electronics Ltd.)
EasyLog USB Device (Driver Removal) (HKLM-x32\...\EL-USB&10C4&0002) (Version:  - Lascar Electronics Ltd.)
Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 1.30.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.00.0000 - SEIKO EPSON Corp.)
EPSON WorkForce DS-30 Scanner Driver Update (HKLM-x32\...\{7F75CDB7-4F59-409E-9704-792214A262F8}) (Version:  - )
ESET NOD32 Antivirus (HKLM\...\{1ECE2323-0C41-412D-B7EF-1997F810C439}) (Version: 10.0.390.0 - ESET, spol. s r.o.)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileFinder (HKLM-x32\...\FileFinder) (Version: 1.0.1 - Webitar Production Inc.)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.5.124 - Foxit Corporation)
Fushicai VIDEO DVR (HKLM-x32\...\{989BAFE8-E777-43D7-9749-9810E0E9FF48}) (Version: 2013.5.6 - Fushicai)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.0.1.1 - Genesys Logic)
GetNZB version 1.404 (HKLM-x32\...\GetNZB_is1) (Version: 1.404 - )
Golden Videos VHS to DVD Converter (HKLM-x32\...\GoldenVideos) (Version: 3.04 - NCH Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{5BAA8884-F661-464B-B5B2-5C6C632BFC21}) (Version: 7.1.4.1529 - Google)
Google Image Downloader v1.0 (HKLM-x32\...\{E6097F72-3D12-4ACF-8868-3C938DA36AB8}) (Version: 1.1.0 - Google Image Downloader)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
honestechTVR2.5 (HKLM-x32\...\{ABADD11D-1B48-4F23-BEBA-6B22CE8F5E58}) (Version: 2.5 - honestech)
honestechTVR2.5 (x32 Version: 2.5 - honestech) Hidden
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2246 - Intel Corporation)
IPM_Common_x64 (Version: 2.3 - Your Company Name) Hidden
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junior Icon Editor (HKLM-x32\...\Junior Icon Editor) (Version: 4.33 - SibCode)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kestrel Communicator (HKLM-x32\...\{B8FAE663-DCC4-40E3-966D-4AE5B181769C}) (Version: 2.1.1 - Nielsen-Kellerman)
Kodi (HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\Kodi) (Version:  - XBMC-Foundation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Magic ISO Maker v5.3 (build 0229) (HKLM-x32\...\Magic ISO Maker v5.3 (build 0229)) (Version:  - )
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 52.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 en-US)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
Online Application Installer (x32 Version: 2.0.0 - Microleaves) Hidden <==== ATTENTION
Opera Stable 27.0.1689.66 (HKLM-x32\...\Opera 27.0.1689.66) (Version: 27.0.1689.66 - Opera Software ASA)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
ParticleShop - Core (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM (Version: 1.3 - Corel Corporation) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 3.31 - NCH Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6230 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Runtime VS2005 SP1 CRT 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 MFC 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 All 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 CRT 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 CRT 762 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 MFC 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 OpenMP 762 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2008 CRT 1 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2008 x64 CRT 1 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version:  - )
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 12.2.17 - )
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.30 - NCH Software)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VSDC Free Video Editor version 3.3.5.411 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 3.3.5.411 - Flash-Integro LLC)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.33 - NCH Software)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - Graphics Tablet (WinUsb) USBDevice  (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wireless USB WinDrivers (HKLM-x32\...\InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}) (Version: 14.2.77.6 - IOGEAR)
Wireless USB WinDrivers (Version: 14.2.77.6 - IOGEAR) Hidden
XVL Player / XVL Player Pro (Ver. 9 or later) 64-bit Edition (HKLM-x32\...\{936575FE-E49B-4CE9-9934-0329727476C8}) (Version: 12.1a - Lattice Technology)
XVL Studio 3D Corel Edition x64 (HKLM-x32\...\{137926AA-703D-4382-81A7-BD30EDAFB6C9}) (Version: 1.0 - Lattice Technology)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kenny\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kenny\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1182291490-1180826050-772089516-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kenny\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {08FD617A-5121-4404-8D0C-7DDAC62B4FB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {09F3B29E-26BD-4E14-9C02-BC1D05B5CF83} - \Driver Booster SkipUAC (Kenny) -> No File <==== ATTENTION
Task: {34840C07-9C36-4FEF-9509-17173B8766FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {378420EA-BC69-43D7-9292-7F62BD0F0A48} - System32\Tasks\Uninstaller_SkipUac_Kenny => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe 
Task: {58A3DC5A-FCAB-405F-8D41-1249FBA1E3BB} - \Driver Booster Scheduler -> No File <==== ATTENTION
Task: {785F9FAA-8BEF-4FB0-88A5-A6F710809BA4} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-08-25] (Corel Corporation)
Task: {798F5CD2-518D-45EB-B0EF-54C961AB18F6} - System32\Tasks\ASC10_SkipUac_Kenny => C:\Program Files (x86)\IObit\Advanced SystemCare 10 PRO\ASC.exe 
Task: {8D371BEF-E4C7-45E0-AEA8-B422A0088D52} - System32\Tasks\{142C1CAB-A67B-4FA3-B351-446F55D67809} => pcalua.exe -a C:\Users\Kenny\Documents\Downloads\complete\Bulk.Image.Downloader.v4.22.0.1-Lz0\setup.exe -d C:\Users\Kenny\Documents\Downloads\complete\Bulk.Image.Downloader.v4.22.0.1-Lz0
Task: {8DCC176C-438F-457E-8B2E-104CEFF63F0B} - System32\Tasks\{6618530A-560B-4136-82EB-2E8979DE6D95} => pcalua.exe -a C:\PROGRA~2\ULTIMA~1\UNWISE.EXE -c C:\PROGRA~2\ULTIMA~1\INST.LOG
Task: {8DF637C4-5338-4042-9DA0-2E593842A5B2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA1cf2aaf76556c70 => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {97B2A286-7586-4A29-9F54-D045B6B40E3B} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7cc0e6462ed3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A28A7D1A-BAFA-4B82-8332-D6B3D47AA83C} - System32\Tasks\{1CC3D729-422B-4EE8-8348-80E3433E63E2} => pcalua.exe -a G:\Hold\Downloads\SolidWorks\2013\Crack\SW2010-2013.Activator.SSQ.exe -d G:\Hold\Downloads\SolidWorks\2013\Crack
Task: {A2DA51AF-80A8-44AF-AD1F-BCB60A540308} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {A67E2D73-4BB3-4F0E-8CC5-848A26731591} - System32\Tasks\Opera scheduled Autoupdate 1425845139 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-02] (Opera Software)
Task: {BA9BED31-1EFC-44BF-BED6-BB00EA6112EA} - System32\Tasks\{048B4976-5B81-48B3-A6F2-91FC9C6269E5} => pcalua.exe -a "C:\Users\Kenny\Downloads\AutodeskDesignRevSetup (1).exe" -d C:\Users\Kenny\Downloads
Task: {BD85579D-AFC2-4AE0-A95A-40A4861CA235} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6aedda28f2f2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {BE8D9B8E-1488-46EF-9BD1-0A49134CB08A} - System32\Tasks\{BE62F7AB-7315-4EA5-A56A-16A7E99FAD93} => pcalua.exe -a C:\Users\Kenny\Documents\Agent7.exe -d C:\Users\Kenny\Documents
Task: {D53CA6E0-39B8-4022-9658-7022EEEB7638} - System32\Tasks\{99F84928-9C99-4DFE-94A4-FB79570C1AE2} => pcalua.exe -a C:\Users\Kenny\Downloads\AutodeskDesignRevSetup.exe -d C:\Users\Kenny\Downloads
Task: {D8A49DAE-36A1-457B-9CE7-A7DC8F1ACDDA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {E18569BF-346B-4BEB-9904-61D8508205EA} - System32\Tasks\{D4C2A86B-4FC4-4678-98F7-EE4CE217B530} => pcalua.exe -a G:\Hold\Nero\NeroPortable.exe -d G:\Hold\Nero
Task: {F70E58AD-CC4D-4465-8258-74AE3F4EBD01} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe 
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core.job => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA.job => C:\Users\Kenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001Core.job => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1182291490-1180826050-772089516-1001UA1cf2aaf76556c70.job => C:\Users\Kenny\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\UnHackMe Task Scheduler.job => O:\UnHackMe\hackmon.exe $(Arg0)  Greatis Software, LLC. ?Part of RegRun Suite/UnHackMe software. hxxp:/www.greatis.com
Task: C:\windows\Tasks\User_Feed_Synchronization-{1546F1F9-2877-4248-B890-1CDAB19F9F7B}.job => C:\windows\system32\msfeedssync.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Kenny\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-06-30 03:23 - 2016-11-13 18:31 - 00592384 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2017-03-29 19:04 - 2017-03-29 19:04 - 00833024 ____N () C:\windows\system32\tprdpw32.exe
2010-11-19 05:22 - 2010-11-11 23:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-08-18 16:38 - 2010-08-18 16:38 - 00055608 _____ () C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\CompInfo.dll
2010-12-20 19:53 - 2010-12-20 19:53 - 00094016 _____ () C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WUSBResource.dll
2011-04-26 22:02 - 2009-07-16 11:20 - 00032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
2011-04-26 22:02 - 2007-12-31 12:27 - 00007168 _____ () C:\Program Files (x86)\jmesoft\VistaVolume.dll
2015-12-02 11:58 - 2015-11-16 13:32 - 00919040 _____ () C:\windows\mod_frst.exe
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:NA9neJm8azOWRQimgVEJ [1984]
AlternateDataStreams: C:\ProgramData\Microsoft:N22G5oeVojqAN0YRATXc4 [2324]
AlternateDataStreams: C:\ProgramData\Microsoft:ScZA6zOFIgdVBGXsFu5qj3 [2088]
AlternateDataStreams: C:\ProgramData\Temp:B755D674 [136]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [226]
AlternateDataStreams: C:\Users\Kenny\Cookies:dbDELzmMFy1QJZSKPtVcBkjxTNbs [2018]
AlternateDataStreams: C:\Users\Kenny\Cookies:UNyxI5x0ybWi460VVi13 [2376]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ESETOlmarikOlmascoCleaner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ESETOlmarikOlmascoCleaner.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2016-10-19 15:27 - 00002047 ____A C:\windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
127.0.0.1 www.autodesk.com
127.0.0.1 autodesk.com
127.0.0.1 www.corel.com
127.0.0.1 corel.com
127.0.0.1 www.coreldraw.com
127.0.0.1 coreldraw.com127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobe-dns-5.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 crl.verisign.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 ood.opsource.net
127.0.0.1 ereg.adobe.com
127.0.0.1 ereg.wip.adobe.com
127.0.0.1 ereg.wip1.adobe.com
 
There are 28 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
bfe => Firewall Service is not running.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 3
MSCONFIG\Services: AdAppMgrSvc => 3
MSCONFIG\Services: AdvancedSystemCareService10 => 2
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: aspnet_state => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 3
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: clr_optimization_v2.0.50727_32 => 3
MSCONFIG\Services: clr_optimization_v2.0.50727_64 => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: Dataup => 
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: EpsonScanSvc => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: hpqcxs08 => 3
MSCONFIG\Services: hpqddsvc => 2
MSCONFIG\Services: HPSLPSVC => 2
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 2
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: mi-raysat_3dsmax2015_64 => 3
MSCONFIG\Services: Microsoft SharePoint Workspace Audit Service => 3
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: Net Driver HPZ12 => 2
MSCONFIG\Services: NETGEARGenieDaemon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: Pml Driver HPZ12 => 2
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: PSI_SVC_2_x64 => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: realtek_amd64 => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 2
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 2
MSCONFIG\Services: ShellHWDetection => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: windowsmanagementservice => 
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wlidsvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 2
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Background Downloader.lnk => C:\Windows\pss\SolidWorks Background Downloader.lnkCommon Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
MSCONFIG\startupreg: SSDMonitor => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UMonit => C:\windows\SysWOW64\UMonit.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{265E4909-8F20-41C5-A4C4-151D1829DE0E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3DADDB29-ECA7-41D9-8249-990DC3B81E40}] => (Allow) LPort=2869
FirewallRules: [{7B5C4703-0DC6-494A-A570-DD0C79FDF54B}] => (Allow) LPort=1900
FirewallRules: [{8DC4FBA7-8ABB-4552-9EE3-459650219D8B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A9BB1148-6471-4413-814C-85464B7DFA78}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{F75A7D92-2FA3-4355-A465-C1E8677BC22C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{8F19CBB5-095D-47B5-97F8-02BC3AA4D21D}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{E7B07342-CC73-45B0-B494-71F90CAA45B9}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe
FirewallRules: [{C895FAED-C7F9-4613-838C-E0E5A07F9A34}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe
FirewallRules: [{20639599-951D-425C-8B1F-2D90DDF0964B}] => (Allow) LPort=7935
FirewallRules: [{2AEB89F3-0857-4EA8-ADC8-4E224A254EEC}] => (Allow) C:\Windows\SysWOW64\lxcicoms.exe
FirewallRules: [{8F558CB3-A440-41BD-BB7D-58710207CF2A}] => (Allow) C:\Windows\SysWOW64\lxcicoms.exe
FirewallRules: [TCP Query User{4D1AC42A-60A7-4867-B92A-3DA4DF91BE50}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{415069A8-1523-4898-B816-32DB4098A26C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{12FE872A-DBF2-4D6C-95AD-91B95A02ABE7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{607DFBD9-E65F-4BCD-99BE-FA499614D8D2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{0A67C560-FB4D-4604-8536-E9CCE1F4DED9}E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [UDP Query User{86973699-DDC4-4ACB-9128-F3D3A097AA59}E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) E:3\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [TCP Query User{9D07D42F-2A0A-4CBA-9308-D3EBC416877A}G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [UDP Query User{1C836163-4814-4938-AC21-7614693C1171}G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat] => (Allow) G:\hold\downloads\solidworks\solidworks 2013\solidworks flow simulation 2013 sp0.dat
FirewallRules: [{62D1D53D-B2B3-4FB5-A083-269E55FF7727}] => (Allow) C:\Users\Kenny\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{7CAA77C5-A5B8-4434-98B0-B7D9A6D022D9}] => (Allow) C:\Users\Kenny\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{B313C5B1-8774-405A-A7E7-5E8F41E4D517}C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{0F0C22A9-C0B3-4DFE-87B6-6C71C012BDC1}C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\kenny\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [{D6166114-5E09-47D6-ACD1-361FD7ED15D5}] => (Allow) C:\Users\Kenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{30077A69-F6B6-44E4-BB22-C87644243013}] => (Allow) C:\Users\Kenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C7B665FE-2A37-493F-A99E-D03298BA1402}C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{0F1AA537-9F6D-4B4E-A7F3-FB11A0AB66C6}C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4349BC9C-FAB0-4731-BEA7-570856F379A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9AAD1FAD-4425-4F82-80B7-307EFD982572}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5057CBFE-FCB4-4C17-9ECC-99609AC009DE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6D27503F-4EF9-4241-AC71-9FD497FDB70D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{C3F615FB-80F2-499C-8CBC-8F56FA81DD73}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{93DC2DE1-A0FD-46BE-8231-1AC1D04C9A2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{52DE9E70-F821-4DF5-B75E-858144FF199F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9F2E6A43-7BDB-4DC3-9CF5-5D4E740BBFC3}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{473603DA-508D-4DFE-84B1-2A12B161C487}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{6D98085D-F83F-40B9-903F-35D6EA4542C0}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{AA9287BD-EBFB-4230-90FC-CA868E65A6B9}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{ABD5E5DE-3909-4D4B-B5F4-71A7631799FC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{2DAB4DA7-1191-41CD-91AE-17112F3A4DE2}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{E4EA45A0-D360-46B3-AD57-11497847B2DA}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{1E932A4E-65AC-4400-96DB-5450F8064415}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{6947C71A-1FC1-4CEF-922C-CED9722E937D}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{B997C707-1DAE-46B4-8DD2-68A8B264BCDC}] => (Allow) C:\Program Files (x86)\FileFinder\FileFinder.exe
FirewallRules: [{72AC4099-C5E6-45C1-9C95-D6793F80F7D4}] => (Allow) C:\Program Files (x86)\FileFinder\FileFinder.exe
FirewallRules: [TCP Query User{7104BA23-2698-4027-8BEC-B32881DDF072}E:2\corel\coreldraw x7\coreldraw x7.exe] => (Allow) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [UDP Query User{66930B94-9B86-4F01-A740-37FA89F4F397}E:2\corel\coreldraw x7\coreldraw x7.exe] => (Allow) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{655915FF-ACD3-4663-99C0-2464B4997A9A}] => (Block) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{B1E45A98-DC06-4917-93A9-210C176E1709}] => (Block) E:2\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{FBDA2001-EA7D-4DF4-B4C1-8FDCA2EB79F0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{836BF431-9721-4686-9D35-EC2485C0735D}] => (Allow) C:\Program Files (x86)\UnHackMe\Unhackme.exe
FirewallRules: [{ECFC2DF0-FE8C-497E-8774-EE1E030E47E0}] => (Allow) C:\Program Files (x86)\UnHackMe\Unhackme.exe
FirewallRules: [TCP Query User{8DDA7F2D-3F0C-41DA-854A-ACB37A3386EB}H:\corel\coreldraw x7\coreldraw x7.exe] => (Allow) H:\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [UDP Query User{6FEB2462-BF84-41E0-A0A2-6A358598B5BA}H:\corel\coreldraw x7\coreldraw x7.exe] => (Allow) H:\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{0D2403A5-8C68-4568-8FE9-0B3AECCEAFCE}] => (Block) H:\corel\coreldraw x7\coreldraw x7.exe
FirewallRules: [{7A6CFEA9-7254-4842-9812-9332F8F8579C}] => (Block) H:\corel\coreldraw x7\coreldraw x7.exe
StandardProfile\AuthorizedApplications: [C:\GetNZB Downloads\Corel Draw 11 Portable 100 Working.rar yEnc 1 10\autoextracted\Corel Draw 11 Portable (100 Working).exe] => Enabled:Windows Messanger
StandardProfile\AuthorizedApplications: [C:\GetNZB Downloads\CorelDraw Graphics Suite X6 16.0.0.707 2012Eng.rar\autoextracted\CorelDraw Graphics Suite X6 16.0.0.707 (2012Eng).exe] => Enabled:Windows Messanger
 
==================== Restore Points =========================
 
Could not list restore points
Check "winmgmt" service or repair WMI.
 
 
==================== Faulty Device Manager Devices =============
 
Could not list Devices. Check "winmgmt" service or repair WMI.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/26/2017 10:50:00 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Description = Revo Uninstaller's restore point - QuickTime; Error = 0x80042302).
 
Error: (04/26/2017 10:50:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.
 
Error: (04/26/2017 10:50:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and name Coordinator cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]
 
Error: (04/26/2017 10:48:15 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Description = Revo Uninstaller's restore point - UnHackMe 8.00; Error = 0x80042302).
 
Error: (04/26/2017 10:48:15 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.
 
Error: (04/26/2017 10:48:15 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and name Coordinator cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]
 
Error: (04/26/2017 10:46:16 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Description = Revo Uninstaller's restore point - Sony Noise Reduction Plug-In 2.0e; Error = 0x80042302).
 
Error: (04/26/2017 10:46:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.
 
Error: (04/26/2017 10:46:16 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and name Coordinator cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]
 
Error: (04/26/2017 10:43:15 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Description = Revo Uninstaller's restore point - Sony Sound Forge 9.0; Error = 0x80042302).
 
 
System errors:
=============
Error: (04/27/2017 02:45:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Management Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (04/27/2017 02:45:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Management Service service to connect.
 
Error: (04/27/2017 02:44:11 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error:
"740"
Happened while starting this command:
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding
 
Error: (04/27/2017 02:43:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ESET Service service failed to start due to the following error: 
The requested resource is in use.
 
Error: (04/26/2017 08:31:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Management Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (04/26/2017 08:31:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Management Service service to connect.
 
Error: (04/26/2017 08:30:22 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error:
"740"
Happened while starting this command:
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding
 
Error: (04/26/2017 08:29:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ESET Service service failed to start due to the following error: 
The requested resource is in use.
 
Error: (04/25/2017 09:23:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Management Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (04/25/2017 09:23:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Management Service service to connect.
 
 
CodeIntegrity:
===================================
  Date: 2017-04-13 15:02:51.535
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-04-13 15:02:51.535
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-04-12 14:52:12.222
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-04-12 14:52:12.222
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-04-12 07:21:06.378
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-04-12 07:21:06.378
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-04-11 19:37:06.612
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-04-11 19:37:06.612
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vmulti.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-04-10 20:12:58.406
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-10 20:12:58.404
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU G620 @ 2.60GHz
Percentage of memory in use: 20%
Total physical RAM: 5992.44 MB
Available physical RAM: 4769.71 MB
Total Virtual: 11983.06 MB
Available Virtual: 10819.67 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:906.34 GB) (Free:100.2 GB) NTFS
Drive d: (JVC DVD_ROM ) (CDROM) (Total:1.75 GB) (Free:0 GB) UDF
Drive e: (Old Drive) (Fixed) (Total:931.51 GB) (Free:43.57 GB) NTFS
Drive h: () (Removable) (Total:59.13 GB) (Free:29.31 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 032E13D2)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 96287ECE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)
 
========================================================
Disk: 2 (Size: 59.2 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,713 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:04 AM

Posted 27 April 2017 - 06:58 PM

Greetings,

Thank you for the information. Let's start with this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows Key + R on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Restriction
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction
Toolbar: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93}
Toolbar: HKU\S-1-5-21-1182291490-1180826050-772089516-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F}
BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8}
FF user.js: detected! => C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\evn6x5fb.default\user.js [2017-01-02]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
S3 catchme; \??\C:\ComboFix_10-02-16\catchme.sys [X]
S3 cpuz138; \??\C:\Users\Kenny\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_5.5.27797.0.sys [X]
S3 WSR_USF; System32\Drivers\WSR_USF.sys [X]
2017-04-16 19:47 - 2017-04-16 19:47 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-04-16 19:47 - 2017-04-16 19:47 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-04-16 19:46 - 2017-04-16 21:38 - 00000000 ____D C:\Program Files (x86)\s5
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\c
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\szkec
2017-04-16 19:46 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\imukl
2017-04-16 19:44 - 2017-04-16 19:46 - 00000000 ____D C:\Users\Kenny\AppData\Local\AdvinstAnalytics
2017-04-16 19:43 - 2017-04-16 19:44 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\Microleaves
2017-04-16 19:42 - 2017-04-16 19:43 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\AGData
2017-04-16 19:42 - 2017-04-16 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnonymizerGadget
2017-04-16 19:41 - 2017-04-16 21:37 - 00000000 ____D C:\Program Files (x86)\AnonymizerGadget
2017-04-02 20:19 - 2017-04-02 21:03 - 00000000 ____D C:\Users\Kenny\AppData\Roaming\LflhvyQg
2017-04-02 20:19 - 2017-04-02 20:19 - 02710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\ZLIBXTl.exe
2017-04-02 20:19 - 2017-04-02 20:19 - 00129536 _____ C:\Users\Kenny\AppData\Roaming\jhProtominer.exe
2017-04-02 20:17 - 2014-02-18 15:33 - 02710829 _____ (0lQP8W0QkS) C:\Users\Kenny\AppData\Roaming\Lil.Gaping.Lesbians.3.XXX.1080p.WEBRiP.x264-TBP.exe
Task: {A28A7D1A-BAFA-4B82-8332-D6B3D47AA83C} - System32\Tasks\{1CC3D729-422B-4EE8-8348-80E3433E63E2} => pcalua.exe -a G:\Hold\Downloads\SolidWorks\2013\Crack\SW2010-2013.Activator.SSQ.exe -d G:\Hold\Downloads\SolidWorks\2013\Crack
Task: {BE8D9B8E-1488-46EF-9BD1-0A49134CB08A} - System32\Tasks\{BE62F7AB-7315-4EA5-A56A-16A7E99FAD93} => pcalua.exe -a C:\Users\Kenny\Documents\Agent7.exe -d C:\Users\Kenny\Documents
C:\Users\Kenny\Documents\Agent7.exe
2017-04-16 20:03 - 2012-07-07 14:58 - 00003122 _____ C:\windows\System32\Tasks\{BE62F7AB-7315-4EA5-A56A-16A7E99FAD93}
2017-04-16 10:57 - 2017-04-16 10:57 - 0040448 ____N () C:\Users\Kenny\AppData\Local\Temp\proxy_vole1100576980623147388.dll
2017-04-16 10:59 - 2017-04-16 10:59 - 0040448 ____N () C:\Users\Kenny\AppData\Local\Temp\proxy_vole3758753963961335315.dll
2017-04-16 10:59 - 2017-04-16 10:59 - 0040448 _____ () C:\Users\Kenny\AppData\Local\Temp\proxy_vole825817276371365189.dll
HKU\S-1-5-21-1182291490-1180826050-772089516-1001\...\ChromeHTML:
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:NA9neJm8azOWRQimgVEJ [1984]
AlternateDataStreams: C:\ProgramData\Microsoft:N22G5oeVojqAN0YRATXc4 [2324]
AlternateDataStreams: C:\ProgramData\Microsoft:ScZA6zOFIgdVBGXsFu5qj3 [2088]
AlternateDataStreams: C:\ProgramData\Temp:B755D674 [136]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [226]
AlternateDataStreams: C:\Users\Kenny\Cookies:dbDELzmMFy1QJZSKPtVcBkjxTNbs [2018]
AlternateDataStreams: C:\Users\Kenny\Cookies:UNyxI5x0ybWi460VVi13 [2376]
G:\Hold\Downloads\SolidWorks
c:\3ds max
c:\apps\crack
c:\apps\cs5
c:\apps\office 2010 professional plus
c:\black drive\downloads\agent
c:\black drive\downloads\foxit
c:\black drive\downloads\kmswv1.3
c:\black drive\office_2010_professional_plus
c:\orangekey\yellow key\e-book_-_how_to_make_keygens.pdf
c:\orangekey\yellow key\documents\e-book_-_how_to_make_keygens.pdf
c:\program files\adobe\adobe premiere pro cc 2015
c:\program files (x86)\adobe\adobe dreamweaver cs5.5
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net.rar
c:\rxqdrive\hold\downloads\adobe cs5 master collection\keygen.exe
c:\rxqdrive\hold\downloads\adobe cs5 master collection\keygen.rar
c:\rxqdrive\hold\downloads\camtasia
c:\rxqdrive\hold\downloads\office
c:\rxqdrive\hold\downloads\solidworks
c:\rxqdrive\hold\downloads\sothink.logo.maker.v3.3.cracked-f4cg.dizel2008.softarchive.net
c:\users\kenny\documents\downloads\adobe.captivate.7.0.win64.esd-iso
c:\users\kenny\documents\downloads\apps\cs5\keygen.rar
c:\users\kenny\documents\downloads\apps\cs5\adobe cs5 master collection
c:\users\kenny\documents\downloads\complete\camtasia
c:\users\kenny\documents\downloads\complete\nero 12 platinum 12 5 01300 multilanguage + serials + anleitung
c:\users\kenny\documents\downloads\complete\solidworks 2013
c:\users\kenny\documents\downloads\coreldraw graphics suite x6 v16.2.0.998
c:\users\kenny\documents\downloads\keygen-core
c:\users\kenny\documents\downloads\keygen-x-force
c:\users\kenny\documents\downloads\ultraiso.premium.v9.6.2.multilingual.incl.keygen-tsz
c:\users\kenny\documents\my iso files\keygen-core.activator-xforce+install instruction.zip
c:\users\kenny\downloads\a_cs5.5_mc_keygen_update_win_osx-xforce.rar
c:\users\kenny\downloads\corel draw x5 with keygen.rar
c:\users\kenny\downloads\keygen-core.7z
c:\users\kenny\downloads\keygen-core.activator-xforce+install instruction.zip
c:\users\kenny\downloads\keygen-x-force.7z
c:\users\kenny\downloads\quadsuckercrack.zip
c:\users\kenny\downloads\unha-ckme.8.xxx keygen(2).rar
c:\users\kenny\downloads\un_me 8 build 500 setup+crack.zip
c:\users\kenny\downloads\adobe\vpsamz-adprprocc20152
c:\users\kenny\downloads\compressed\hdd regenerator 2011
c:\users\kenny\downloads\corel\08-05-2016\corel draw graphics suite x7.2 -win32-xforce- [mumbai-tpb]
c:\users\kenny\downloads\corel
c:\users\kenny\downloads\debut.pro.3.01
c:\users\kenny\downloads\jd2 fully loaded 24-10-2014
c:\users\kenny\downloads\keygen\aftershot.pro.2.kgn-core.rar
c:\users\kenny\downloads\keygen\corel.kgn.4.3-core.rar
c:\users\kenny\downloads\manga_studio_ex_v5.0.2_material-xforce
File: C:\windows\Photodex Presenter\npPxPlay.dll
Folder: C:\HSBC
Folder: C:\BCHS
RemoveProxy:
hosts:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: Bitsadmin /Reset /Allusers
emptytemp:
  • Right click on FRST.exe, select Run as administrator then press the Fix button
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Uninstalling Programs Using Revo Uninstaller Free

--------------------

I recommend uninstalling the below listed program(s) from your computer.

Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.

Please note there is a chance when you look for this program to uninstall through Revo it might not be listed because of a previous uninstall. If that is the case simply stop and let me know.
  • Double click the Revo Uninstaller icon
  • From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)
Best Buy pc app
Driver Booster 4.1
IObit Uninstaller
Online Application Installer
UnHackMe 8.00
  • If presented with the program uninstall option click Uninstall
  • If asked to reboot select Reboot later
  • Under Scanning Modes select Advanced then select Scan
  • On the Found leftover Registry items window check the items in bold only then click Delete. You may have to expand some folders by clicking the "+" mark.
  • When prompted click on Next then Yes
  • On the Found leftover files and folders window click on Select all, click Finish, then click Yes
===================================================

RogueKiller

--------------------
  • Download RogueKiller and save it to your desktop
  • Close all running programs
  • Right click on the setup.exe icon and select Run as Administrator
  • For Windows XP simply double click on the icon
  • Click OK on English
  • Select Install 32 and 64 bits versions (Recommended for Technicians), then click Next 2 times
  • Click Install
  • Click Finish
  • Click Start Scan twice
  • When completed click Open Report
  • Click Export Text and save the file on your Desktop as RK.txt
  • Close all open RogueKiller windows
  • Copy and paste the contents of the report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Did the programs uninstall?
  • RogueKiller log
  • Update on computer performance

Edited by Oh My!, 27 April 2017 - 06:59 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users