Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Frequent PUP


  • This topic is locked This topic is locked
2 replies to this topic

#1 DarUrjakar_Jahkrhan

DarUrjakar_Jahkrhan

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:17 AM

Posted 19 May 2017 - 06:11 PM

I have a frequent PUP coming on Google Chrome as explained in this previous Topic.

 

 

 

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017

Ran by User (administrator) on USER-PC (20-05-2017 00:52:04)
Running from C:\Users\User\Downloads\Programs
Loaded Profiles: User (Available Profiles: User & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Gaijin Entertainment) C:\Users\User\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Flux Software LLC) C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Zbshareware Lab) C:\Program Files (x86)\USB Disk Security\USBGuard.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1289704 2012-09-12] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [USB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [695528 2015-02-03] (Zbshareware Lab)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7390096 2016-11-26] (AVAST Software)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-126985369-209226206-3696806243-1000\...\Run: [NetBalancer] => C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1913712 2017-01-07] (SeriousBit)
HKU\S-1-5-21-126985369-209226206-3696806243-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4001848 2016-12-16] (Tonec Inc.)
HKU\S-1-5-21-126985369-209226206-3696806243-1000\...\Run: [Gaijin.Net Agent] => C:\Users\User\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2012616 2017-05-18] (Gaijin Entertainment)
HKU\S-1-5-21-126985369-209226206-3696806243-1000\...\Run: [f.lux] => C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-06] (Flux Software LLC)
HKU\S-1-5-21-126985369-209226206-3696806243-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-05] (Skype Technologies S.A.)
HKU\S-1-5-21-126985369-209226206-3696806243-1000\...\MountPoints2: {1fcd6ae3-5433-11e6-91f2-ac8112a86713} - F:\.\Setup.exe AUTORUN=1
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-11-26] (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{338876FB-4D58-48B8-92D3-F454512598A4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BB11E36C-5A0B-48DA-A480-81E79081EFB8}: [NameServer] 213.131.66.246 41.128.225.225
 
Internet Explorer:
==================
HKU\S-1-5-21-126985369-209226206-3696806243-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-126985369-209226206-3696806243-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-eg/?ocid=iehp
SearchScopes: HKU\S-1-5-21-126985369-209226206-3696806243-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-05-16] (RealDownloader)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-11-26] (AVAST Software)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll => No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-05-16] (RealDownloader)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-26] (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll [2007-02-16] (IDM)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-126985369-209226206-3696806243-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
 
FireFox:
========
FF DefaultProfile: dwmq251p.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dwmq251p.default [2017-05-18]
FF Session Restore: Mozilla\Firefox\Profiles\dwmq251p.default -> is enabled.
FF Extension: (ClipConverter) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dwmq251p.default\Extensions\clipconverter@clipconverter.cc.xpi [2016-12-30]
FF Extension: (SaveFrom.net helper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dwmq251p.default\Extensions\helper-sig@savefrom.net.xpi [2017-05-13]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-26]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKU\S-1-5-21-126985369-209226206-3696806243-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF HKU\S-1-5-21-126985369-209226206-3696806243-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\User\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\User\AppData\Roaming\IDM\idmmzcc5 [2017-05-19] [not signed]
FF HKU\S-1-5-21-126985369-209226206-3696806243-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-17] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-17] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2011-02-23] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @real.com/nppl3260;version=18.0.0.112 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-07-24] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.0.0.112 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-07-24] (RealTimes)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2006-11-03] (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-126985369-209226206-3696806243-1000: @nsroblox.roblox.com/launcher -> C:\Users\User\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy.dll [No File]
FF Plugin HKU\S-1-5-21-126985369-209226206-3696806243-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\User\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy64.dll [No File]
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxp://www.smarter.yt
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-05-20]
CHR Extension: (TooManyTabs for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2017-04-29]
CHR Extension: (Tab Resize - split screen layouts) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkpenclhmiealbebdopglffmfdiilejc [2017-04-29]
CHR Extension: (OneTab) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2017-04-29]
CHR Extension: (Tabs Outliner) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eggkanocgddhmamlbiijnphhppkpkmkl [2017-04-29]
CHR Extension: (Avast SafePrice) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-04-28]
CHR Extension: (Blur) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2017-04-29]
CHR Extension: (FBDown Video Downloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2017-04-29]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-05-10]
CHR Extension: (Save All Tabs to Pocket) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgddihjgadjjgllbfoihbpjojbnbfpb [2017-04-29]
CHR Extension: (Tabman Tabs Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmnkflcjcohihpdcniifjbafcdelhlm [2017-04-29]
CHR Extension: (Windscribe - Free VPN and Ad Block) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2017-04-29]
CHR Extension: (Unseen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop [2017-05-01]
CHR Extension: (Voice Recorder) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehegmanppiacmmpiifhjalpkigpcida [2017-04-29]
CHR Extension: (Ashish Mishra) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp [2017-04-29]
CHR Extension: (IDM Integration Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-05-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-28]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
CHR HKU\S-1-5-21-126985369-209226206-3696806243-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-11-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-11-26]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-11-26] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2016-11-26] (AVAST Software)
S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2016-07-24] (Macrovision Europe Ltd.) [File not signed]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1817296 2015-09-18] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-09-18] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [847568 2015-09-18] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22072 2012-09-12] (Microsoft Corporation)
S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2015-10-30] (HP Inc.) [File not signed]
R2 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [182128 2017-01-07] (SeriousBit)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368896 2012-09-12] (Microsoft Corporation)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
S2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2015-10-30] (HP Inc.) [File not signed]
S4 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2015-05-16] ()
S4 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1115224 2016-07-24] (RealNetworks, Inc.)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [167936 2014-08-31] () [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2012-09-20] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [71272 2017-05-09] (Windscribe Limited)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-11-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-11-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-11-26] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [28312 2016-11-26] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [536312 2016-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-11-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-11-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-11-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-11-26] (AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-05-09] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2017-05-18] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44648 2015-09-18] (AnchorFree Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-18] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [187320 2017-05-19] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [113592 2017-05-19] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-05-19] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-19] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [40976 2016-01-15] (SeriousBit)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19912 2009-07-19] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13264 2009-07-19] ()
S3 SEE; C:\Windows\System32\drivers\see.sys [50208 2017-04-22] (SoftEther Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2016-12-24] (Duplex Secure Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-09-18] (Anchorfree Inc.)
R3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2017-04-21] (The OpenVPN Project)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [437160 2016-09-03] (IDRIX)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 wod0205; C:\Windows\System32\DRIVERS\wod0205.sys [33160 2011-04-23] (WeOnlyDo Software)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-05-19] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-05-19] (Zemana Ltd.)
S3 ZTEMBBMSD; C:\Windows\System32\Drivers\ZTEMBBMSD.sys [19968 2016-07-27] (ZTE Corporation)
S3 ZTEMBBMSD; C:\Windows\SysWOW64\Drivers\ZTEMBBMSD.sys [19968 2016-07-27] (ZTE Corporation)
S3 ZTEusbMB; C:\Windows\System32\DRIVERS\ZTEusbnmeaext2.sys [123136 2016-07-27] (ZTE Incorporated)
S3 ZTEusbMB; C:\Windows\SysWOW64\DRIVERS\ZTEusbnmeaext2.sys [123136 2016-07-27] (ZTE Incorporated)
S3 ZTEusbmdm6k; C:\Windows\SysWOW64\DRIVERS\ZTEusbmdm6k.sys [123136 2016-07-27] (ZTE Incorporated)
S3 ZTEusbnmea; C:\Windows\SysWOW64\DRIVERS\ZTEusbnmea.sys [123136 2016-07-27] (ZTE Incorporated)
S3 ZTEusbnmeaext; C:\Windows\System32\DRIVERS\ZTEusbnmeaext.sys [123136 2016-07-27] (ZTE Incorporated)
S3 ZTEusbnmeaext; C:\Windows\SysWOW64\DRIVERS\ZTEusbnmeaext.sys [123136 2016-07-27] (ZTE Incorporated)
S3 ZTEusbser6k; C:\Windows\SysWOW64\DRIVERS\ZTEusbser6k.sys [123136 2016-07-27] (ZTE Incorporated)
S3 ZTEusbwwan; C:\Windows\System32\DRIVERS\ZTEusbwwan.sys [237056 2016-07-27] (ZTE Incorporated)
S3 ZTEusbwwan; C:\Windows\SysWOW64\DRIVERS\ZTEusbwwan.sys [237056 2016-07-27] (ZTE Incorporated)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-05-20 00:51 - 2017-05-20 00:52 - 00000000 ____D C:\FRST
2017-05-20 00:34 - 2017-05-20 00:34 - 00000972 _____ C:\DelFix.txt
2017-05-20 00:34 - 2017-05-20 00:34 - 00000000 ____D C:\Windows\ERUNT
2017-05-19 15:58 - 2017-05-20 00:52 - 00108788 _____ C:\Windows\ZAM.krnl.trace
2017-05-19 15:58 - 2017-05-20 00:52 - 00075697 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-05-19 15:58 - 2017-05-19 15:58 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-05-19 15:58 - 2017-05-19 15:58 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-05-19 15:58 - 2017-05-19 15:58 - 00000000 ____D C:\Users\User\AppData\Local\Zemana
2017-05-19 15:27 - 2017-05-19 15:27 - 14554768 _____ (Copyright 2017.) C:\Users\User\Desktop\Zemana.AntiMalware.Portable.exe
2017-05-18 19:59 - 2017-05-18 19:59 - 00055232 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2017-05-18 19:58 - 2017-05-18 19:58 - 00000894 _____ C:\Windows\system32\.crusader
2017-05-18 11:45 - 2017-05-18 11:45 - 00000000 ____D C:\Program Files\HitmanPro
2017-05-18 11:44 - 2017-05-18 19:58 - 00000000 ____D C:\ProgramData\HitmanPro
2017-05-18 11:44 - 2017-05-18 11:45 - 11584088 _____ (SurfRight B.V.) C:\Users\User\Desktop\HitmanPro_x64.exe
2017-05-15 19:57 - 2017-05-15 19:57 - 01386783 _____ C:\Users\User\Desktop\video-1494870959.mp4
2017-05-15 18:03 - 2017-05-15 18:03 - 00115435 _____ C:\Users\User\Desktop\New Text Document.txt
2017-05-15 14:42 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-15 14:42 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-15 14:40 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2017-05-15 14:34 - 2017-05-15 14:34 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-05-15 14:34 - 2017-05-15 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-05-15 14:34 - 2017-05-15 14:34 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-15 14:34 - 2017-05-15 14:34 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-15 14:34 - 2017-05-15 14:34 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2017-05-15 14:34 - 2017-05-15 14:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2017-05-15 14:34 - 2017-05-15 14:34 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-05-15 14:34 - 2017-05-15 14:34 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-05-15 14:34 - 2017-05-15 14:34 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-15 14:34 - 2017-05-15 14:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-15 14:34 - 2017-05-15 14:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2017-05-15 14:34 - 2017-05-15 14:34 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2017-05-15 14:34 - 2017-05-15 14:34 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-05-15 14:31 - 2017-05-15 14:31 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-05-15 14:31 - 2017-05-15 14:31 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-05-15 14:18 - 2017-05-15 14:18 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-05-15 14:14 - 2017-05-15 14:14 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2017-05-15 14:14 - 2017-05-15 14:14 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2017-05-15 13:38 - 2017-05-15 13:44 - 00000000 ____D C:\Windows\system32\MRT
2017-05-15 13:37 - 2017-05-15 13:37 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-15 12:19 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2017-05-15 12:19 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2017-05-15 12:19 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2017-05-15 12:12 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2017-05-15 12:12 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2017-05-15 12:12 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2017-05-15 12:12 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2017-05-15 12:12 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2017-05-15 12:12 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2017-05-15 12:12 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2017-05-15 12:12 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2017-05-15 12:08 - 2017-04-28 03:14 - 05547240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-15 12:08 - 2017-04-28 03:14 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-05-15 12:08 - 2017-04-28 03:14 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-05-15 12:08 - 2017-04-28 03:14 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-05-15 12:08 - 2017-04-28 03:14 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-05-15 12:08 - 2017-04-28 03:11 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-05-15 12:08 - 2017-04-28 03:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:36 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-05-15 12:08 - 2017-04-28 02:36 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-05-15 12:08 - 2017-04-28 02:34 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:19 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-05-15 12:08 - 2017-04-28 02:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-05-15 12:08 - 2017-04-28 02:19 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-15 12:08 - 2017-04-28 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-05-15 12:08 - 2017-04-28 02:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-05-15 12:08 - 2017-04-28 02:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-05-15 12:08 - 2017-04-28 02:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-15 12:08 - 2017-04-28 02:11 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-15 12:08 - 2017-04-28 02:11 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-15 12:08 - 2017-04-28 02:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-05-15 12:08 - 2017-04-28 02:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-05-15 12:08 - 2017-04-28 02:10 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-05-15 12:08 - 2017-04-28 02:08 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-05-15 12:08 - 2017-04-28 02:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-05-15 12:08 - 2017-04-28 02:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-05-15 12:08 - 2017-04-28 02:08 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-05-15 12:08 - 2017-04-28 02:07 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-05-15 12:08 - 2017-04-28 02:07 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:07 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-15 12:08 - 2017-04-28 02:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-15 12:08 - 2017-04-26 16:59 - 03220992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-15 12:08 - 2017-04-21 17:34 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-05-15 12:08 - 2017-04-21 17:15 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-05-15 12:08 - 2017-04-17 17:37 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-15 12:08 - 2017-04-17 17:37 - 00876544 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-15 12:08 - 2017-04-17 17:37 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-15 12:08 - 2017-04-17 17:37 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-05-15 12:08 - 2017-04-17 17:37 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-05-15 12:08 - 2017-04-17 17:12 - 01417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-15 12:08 - 2017-04-17 17:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-15 12:08 - 2017-04-17 17:12 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-05-15 12:08 - 2017-04-17 16:54 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-05-15 12:08 - 2017-04-12 17:32 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-15 12:08 - 2017-04-12 17:32 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-05-15 12:08 - 2017-04-12 17:32 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-05-15 12:08 - 2017-04-12 17:32 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-05-15 12:08 - 2017-04-12 17:26 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-05-15 12:08 - 2017-04-12 17:25 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-15 12:08 - 2017-04-12 17:25 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-05-15 12:08 - 2017-04-12 17:25 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-05-15 12:08 - 2017-04-07 17:34 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-15 12:08 - 2017-04-07 17:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-15 12:08 - 2017-04-07 17:30 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-15 12:08 - 2017-04-07 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-05-15 12:08 - 2017-04-07 17:22 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-15 12:08 - 2017-04-05 16:55 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-15 12:08 - 2017-04-05 16:55 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-15 12:08 - 2017-04-05 16:55 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-05-15 12:08 - 2017-04-04 17:34 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-05-15 12:08 - 2017-04-04 17:34 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-05-15 12:08 - 2017-04-04 17:34 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-05-15 12:08 - 2017-04-04 16:53 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-05-15 12:08 - 2017-04-04 16:53 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-05-15 12:08 - 2017-03-22 17:32 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-05-15 12:08 - 2017-03-22 17:32 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-05-15 12:08 - 2017-03-22 17:32 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-05-15 12:08 - 2017-03-22 17:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-05-15 12:08 - 2017-03-22 17:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-05-15 12:08 - 2017-03-22 17:17 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-15 12:08 - 2017-03-22 17:15 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-05-15 12:08 - 2017-03-22 17:15 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-05-15 12:08 - 2017-03-22 17:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-05-15 12:08 - 2017-03-22 17:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-05-15 12:08 - 2017-03-22 17:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-05-15 12:08 - 2017-03-22 17:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-05-15 12:08 - 2017-03-22 17:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-05-15 12:08 - 2017-03-22 17:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-05-15 12:08 - 2017-03-22 17:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-05-15 12:08 - 2017-03-22 17:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-05-15 12:08 - 2017-03-10 18:35 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-05-15 12:08 - 2017-03-10 18:32 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-05-15 12:08 - 2017-03-10 18:32 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-05-15 12:08 - 2017-03-10 18:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-05-15 12:08 - 2017-03-10 18:31 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-05-15 12:08 - 2017-03-10 18:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-05-15 12:08 - 2017-03-10 18:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-05-15 12:08 - 2017-03-10 18:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-05-15 12:08 - 2017-03-10 18:20 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2017-05-15 12:08 - 2017-03-10 18:20 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2017-05-15 12:08 - 2017-03-10 18:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-05-15 12:08 - 2017-03-10 18:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-05-15 12:08 - 2017-03-10 18:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-05-15 12:08 - 2017-03-10 17:57 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-05-15 12:08 - 2017-03-10 17:55 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-05-15 12:08 - 2017-03-10 17:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-05-15 12:08 - 2017-03-10 17:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-05-15 12:08 - 2017-03-09 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-05-15 12:08 - 2017-03-09 18:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-05-15 12:08 - 2017-03-07 18:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-05-15 12:08 - 2017-03-07 18:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-05-15 12:08 - 2017-03-04 03:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-05-15 12:08 - 2017-03-04 03:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-05-15 12:08 - 2017-03-04 03:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-05-15 12:08 - 2017-03-04 03:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-05-15 12:08 - 2017-02-14 18:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-05-15 12:08 - 2017-02-14 18:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-05-15 12:08 - 2017-02-10 18:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-05-15 12:08 - 2017-02-10 18:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-05-15 12:08 - 2017-02-09 18:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-05-15 12:08 - 2017-02-09 18:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-05-15 12:08 - 2017-02-09 18:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-05-15 12:08 - 2017-02-09 18:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-05-15 12:08 - 2017-02-09 18:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-05-15 12:08 - 2017-02-09 18:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-05-15 12:08 - 2017-02-09 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-05-15 12:08 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-05-15 12:08 - 2017-02-09 17:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-05-15 12:08 - 2017-02-06 18:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-05-15 12:08 - 2017-01-18 17:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-05-15 12:08 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-05-15 12:08 - 2017-01-13 20:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-05-15 12:08 - 2017-01-13 20:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-05-15 12:08 - 2017-01-13 19:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-05-15 12:08 - 2017-01-13 19:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-05-15 12:08 - 2017-01-11 20:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-05-15 12:08 - 2017-01-11 20:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-05-15 12:08 - 2017-01-11 19:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-05-15 12:08 - 2017-01-11 19:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-05-15 12:08 - 2016-11-21 20:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-05-15 12:08 - 2016-11-20 18:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-05-15 12:08 - 2016-11-20 16:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-05-15 12:08 - 2016-11-17 18:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-05-15 12:08 - 2016-11-10 18:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-05-15 12:08 - 2016-11-10 18:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-05-15 12:08 - 2016-11-09 18:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-05-15 12:08 - 2016-11-09 18:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-05-15 12:08 - 2016-11-09 18:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-05-15 12:08 - 2016-11-09 18:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-05-15 12:08 - 2016-11-09 18:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-05-15 12:08 - 2016-11-09 18:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-05-15 12:08 - 2016-11-09 18:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-05-15 12:08 - 2016-11-09 18:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-05-15 12:08 - 2016-11-09 18:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-05-15 12:08 - 2016-11-09 18:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-05-15 12:08 - 2016-11-09 18:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-05-15 12:08 - 2016-11-09 17:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-05-15 12:08 - 2016-10-11 17:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-05-15 12:08 - 2016-10-11 17:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-05-15 12:08 - 2016-10-11 17:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-05-15 12:08 - 2016-10-11 17:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-05-15 12:08 - 2016-10-11 17:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-05-15 12:08 - 2016-10-11 17:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-05-15 12:08 - 2016-10-11 17:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-05-15 12:08 - 2016-10-11 17:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-05-15 12:08 - 2016-10-11 17:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-05-15 12:08 - 2016-10-11 17:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-05-15 12:08 - 2016-10-11 17:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-05-15 12:08 - 2016-10-11 17:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-05-15 12:08 - 2016-10-11 17:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-05-15 12:08 - 2016-10-11 17:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-05-15 12:08 - 2016-10-11 17:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-05-15 12:08 - 2016-10-11 17:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-05-15 12:08 - 2016-10-11 17:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-05-15 12:08 - 2016-10-11 17:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-05-15 12:08 - 2016-10-11 17:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-05-15 12:08 - 2016-10-11 17:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-05-15 12:08 - 2016-10-11 17:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-05-15 12:08 - 2016-10-11 17:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-05-15 12:08 - 2016-10-11 17:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-05-15 12:08 - 2016-10-11 17:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-05-15 12:08 - 2016-10-11 17:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-05-15 12:08 - 2016-10-11 17:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-05-15 12:08 - 2016-10-11 16:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-05-15 12:08 - 2016-10-11 15:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-05-15 12:08 - 2016-10-11 15:17 - 00419648 _____ C:\Windows\system32\locale.nls
2017-05-15 12:08 - 2016-10-08 15:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-05-15 12:08 - 2016-10-07 17:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-05-15 12:08 - 2016-10-07 17:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-05-15 12:08 - 2016-10-05 16:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-05-15 12:08 - 2016-09-15 16:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-05-15 12:08 - 2016-09-12 23:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-05-15 12:08 - 2016-09-12 22:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2017-05-15 12:08 - 2016-09-08 22:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-05-15 12:08 - 2016-09-08 22:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2017-05-15 12:08 - 2016-09-08 22:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-05-15 12:08 - 2016-09-08 22:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2017-05-15 12:08 - 2016-09-08 16:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-05-15 12:08 - 2016-09-08 16:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-05-15 12:08 - 2016-08-22 18:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-05-15 12:08 - 2016-08-12 19:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-05-15 12:08 - 2016-08-12 19:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-05-15 12:08 - 2016-08-12 19:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-05-15 12:08 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-05-15 12:08 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-05-15 12:08 - 2016-08-12 18:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-05-15 12:08 - 2016-08-12 18:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-05-15 12:08 - 2016-08-12 18:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-05-15 12:08 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-05-15 12:08 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-05-15 12:08 - 2016-08-12 18:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-05-15 12:08 - 2016-08-06 17:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-05-15 12:08 - 2016-08-06 17:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-05-15 12:08 - 2016-08-06 17:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-05-15 12:08 - 2016-08-06 17:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-05-15 12:08 - 2016-08-06 17:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-05-15 12:08 - 2016-08-06 17:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-05-15 12:08 - 2016-08-06 17:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-05-15 12:08 - 2016-08-06 17:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-05-15 12:08 - 2016-08-06 17:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-05-15 12:08 - 2016-08-06 17:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2017-05-15 12:08 - 2016-08-06 17:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2017-05-15 12:08 - 2016-08-06 17:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-05-15 12:08 - 2016-08-06 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-05-15 12:08 - 2016-08-06 16:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-05-15 12:08 - 2016-08-06 16:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2017-05-15 12:08 - 2016-08-06 16:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2017-05-15 12:08 - 2016-06-14 19:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-05-15 12:08 - 2016-06-14 19:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-05-15 12:08 - 2016-06-14 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-05-15 12:08 - 2016-06-14 19:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-05-15 12:08 - 2016-06-14 17:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-05-15 12:08 - 2016-06-14 17:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-05-15 12:08 - 2016-06-14 17:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-05-15 12:08 - 2016-06-14 17:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-05-15 12:08 - 2016-06-14 17:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-05-15 12:08 - 2016-06-14 17:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-05-15 12:08 - 2016-06-14 17:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-05-15 12:08 - 2016-06-14 17:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-05-15 12:08 - 2016-06-14 17:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-05-15 12:08 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-05-15 12:08 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-05-15 12:08 - 2016-03-24 00:43 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-05-15 12:08 - 2016-03-24 00:40 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-05-15 12:05 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-05-15 12:05 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2017-05-15 12:05 - 2016-01-22 08:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2017-05-15 12:05 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-05-15 12:05 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2017-05-15 12:05 - 2016-01-22 08:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2017-05-15 12:05 - 2016-01-22 08:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2017-05-15 12:05 - 2015-12-08 23:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2017-05-15 12:05 - 2015-12-08 23:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2017-05-15 12:05 - 2015-12-08 21:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2017-05-15 12:05 - 2015-12-08 21:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2017-05-15 12:05 - 2015-12-08 21:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2017-05-15 12:05 - 2015-12-08 21:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2017-05-15 12:05 - 2015-12-08 21:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2017-05-15 12:05 - 2015-12-08 21:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2017-05-15 12:04 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2017-05-15 12:04 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-05-15 12:04 - 2016-05-12 19:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2017-05-15 12:04 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-05-15 12:04 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-05-15 12:04 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2017-05-15 12:04 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-05-15 12:04 - 2016-05-12 19:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2017-05-15 12:04 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2017-05-15 12:04 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2017-05-15 12:04 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2017-05-15 12:04 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2017-05-15 12:04 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2017-05-15 12:04 - 2016-05-12 17:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2017-05-15 12:04 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2017-05-15 12:04 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2017-05-15 12:04 - 2015-12-08 23:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2017-05-15 12:04 - 2015-12-08 23:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2017-05-15 12:04 - 2015-12-08 23:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2017-05-15 12:04 - 2015-12-08 23:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2017-05-15 12:04 - 2015-12-08 23:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2017-05-15 12:04 - 2015-12-08 23:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2017-05-15 12:04 - 2015-12-08 23:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2017-05-15 12:04 - 2015-12-08 23:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2017-05-15 12:04 - 2015-12-08 23:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2017-05-15 12:04 - 2015-12-08 23:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2017-05-15 12:04 - 2015-12-08 23:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2017-05-15 12:04 - 2015-12-08 23:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2017-05-15 12:04 - 2015-12-08 23:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2017-05-15 12:04 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2017-05-15 12:04 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2017-05-15 12:04 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2017-05-15 12:04 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2017-05-15 12:04 - 2015-12-08 23:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2017-05-15 12:04 - 2015-12-08 23:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2017-05-15 12:04 - 2015-12-08 23:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2017-05-15 12:04 - 2015-12-08 23:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2017-05-15 12:04 - 2015-12-08 23:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2017-05-15 12:04 - 2015-12-08 23:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2017-05-15 12:04 - 2015-12-08 21:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2017-05-15 12:04 - 2015-12-08 21:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-05-15 12:04 - 2015-12-08 21:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2017-05-15 12:04 - 2015-12-08 21:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2017-05-15 12:04 - 2015-12-08 21:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2017-05-15 12:04 - 2015-12-08 21:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2017-05-15 12:04 - 2015-12-08 21:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2017-05-15 12:04 - 2015-12-08 21:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2017-05-15 12:04 - 2015-12-08 21:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2017-05-15 12:04 - 2015-12-08 21:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2017-05-15 12:04 - 2015-12-08 20:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2017-05-15 12:04 - 2015-12-08 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2017-05-15 12:04 - 2015-12-08 20:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2017-05-15 12:04 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-05-15 12:04 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-05-15 12:04 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2017-05-15 12:04 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2017-05-15 12:04 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2017-05-15 12:04 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-05-15 12:04 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2017-05-15 12:04 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-05-15 12:04 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-05-15 12:04 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2017-05-15 12:04 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2017-05-15 12:03 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2017-05-15 12:03 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2017-05-15 12:02 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2017-05-15 12:02 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2017-05-15 12:02 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2017-05-15 12:02 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2017-05-15 12:02 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2017-05-15 12:02 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2017-05-15 12:02 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2017-05-15 12:02 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2017-05-15 12:02 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2017-05-15 12:02 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2017-05-15 12:02 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2017-05-15 12:02 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2017-05-15 12:02 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2017-05-15 12:02 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2017-05-15 12:02 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-05-15 12:02 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-05-15 12:00 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2017-05-15 12:00 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2017-05-15 12:00 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2017-05-15 12:00 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2017-05-15 11:59 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2017-05-15 11:59 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2017-05-15 11:59 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2017-05-15 11:58 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2017-05-15 11:58 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-05-15 11:58 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-05-15 11:58 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2017-05-15 11:57 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-05-15 11:57 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-05-15 11:57 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-05-15 11:57 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-05-15 11:57 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-05-15 11:57 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-05-15 11:57 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-05-15 11:57 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-05-15 11:57 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2017-05-15 11:57 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2017-05-15 11:57 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2017-05-15 11:57 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2017-05-15 11:56 - 2016-01-06 21:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2017-05-15 11:56 - 2016-01-06 20:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2017-05-15 11:54 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-05-15 11:54 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-05-15 11:54 - 2015-10-13 06:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-05-15 11:54 - 2015-08-06 20:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-05-15 11:54 - 2015-08-06 20:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-05-15 11:54 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-05-15 11:54 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-05-15 11:54 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-05-15 11:54 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2017-05-15 11:54 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-05-15 11:54 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2017-05-15 11:54 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-05-15 11:54 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2017-05-15 11:54 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-05-15 11:54 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2017-05-15 11:54 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2017-05-15 11:54 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2017-05-15 11:54 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2017-05-15 11:54 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2017-05-15 11:54 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2017-05-15 11:54 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2017-05-15 11:54 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2017-05-15 11:54 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2017-05-15 11:54 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2017-05-15 11:54 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2017-05-15 11:54 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2017-05-15 11:54 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2017-05-15 11:54 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2017-05-15 11:54 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2017-05-15 11:54 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2017-05-15 11:54 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2017-05-15 11:54 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2017-05-15 11:54 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2017-05-15 11:54 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2017-05-15 11:54 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2017-05-15 11:54 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2017-05-15 11:54 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-05-15 11:54 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-05-15 11:54 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2017-05-15 11:54 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2017-05-15 11:54 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2017-05-15 11:54 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2017-05-15 11:54 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2017-05-15 11:54 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2017-05-15 11:54 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2017-05-15 11:54 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2017-05-15 11:54 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2017-05-15 11:54 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2017-05-15 11:54 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2017-05-15 11:54 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2017-05-15 11:53 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-05-15 11:53 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-05-15 11:51 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-05-15 11:51 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2017-05-15 11:51 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2017-05-15 11:51 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-05-15 11:51 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2017-05-15 11:51 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2017-05-15 11:51 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2017-05-15 11:50 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2017-05-15 11:50 - 2015-12-08 23:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2017-05-15 11:50 - 2015-12-08 21:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-05-15 11:50 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-15 11:50 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-15 11:50 - 2015-06-11 19:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2017-05-15 11:50 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2017-05-15 11:50 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2017-05-15 11:50 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2017-05-15 11:50 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2017-05-15 11:50 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2017-05-15 11:50 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2017-05-15 11:50 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2017-05-15 11:50 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2017-05-15 11:49 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-05-15 11:49 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2017-05-15 11:49 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2017-05-15 11:49 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2017-05-15 11:49 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2017-05-15 11:49 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2017-05-15 11:49 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2017-05-15 11:49 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2017-05-15 11:49 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2017-05-15 11:49 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2017-05-15 11:49 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2017-05-15 11:43 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-05-15 11:43 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-05-15 11:43 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-05-15 11:43 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-05-15 11:43 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-05-15 11:43 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2017-05-15 11:43 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-05-15 11:43 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-05-15 11:43 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-05-15 11:43 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2017-05-15 11:43 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2017-05-15 11:43 - 2015-11-14 01:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2017-05-15 11:43 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2017-05-15 11:43 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2017-05-15 11:43 - 2015-11-14 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2017-05-15 11:43 - 2015-11-11 20:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-05-15 11:43 - 2015-11-11 20:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2017-05-15 11:43 - 2015-11-11 20:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2017-05-15 11:43 - 2015-11-11 20:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2017-05-15 11:43 - 2015-11-05 21:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2017-05-15 11:43 - 2015-11-05 21:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2017-05-15 11:43 - 2015-11-05 11:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2017-05-15 11:43 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2017-05-15 11:43 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2017-05-15 11:43 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2017-05-15 11:43 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2017-05-15 11:43 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-05-15 11:43 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-05-15 11:43 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-05-15 11:43 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-05-15 11:43 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-05-15 11:43 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2017-05-15 11:43 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2017-05-15 11:43 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2017-05-15 11:43 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2017-05-15 11:43 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2017-05-15 11:43 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2017-05-15 11:43 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2017-05-15 11:43 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2017-05-15 11:43 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2017-05-15 11:43 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2017-05-15 11:43 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2017-05-15 11:43 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-05-15 11:43 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-05-15 11:42 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2017-05-15 11:42 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2017-05-15 11:42 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2017-05-15 11:42 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-05-15 11:42 - 2014-12-11 19:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2017-05-15 11:42 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2017-05-15 11:42 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2017-05-15 11:42 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-05-15 11:42 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-05-15 11:42 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2017-05-15 11:42 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2017-05-15 11:32 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-05-15 11:32 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-05-15 11:29 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2017-05-15 11:29 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2017-05-15 11:29 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2017-05-15 11:29 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2017-05-15 11:29 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2017-05-15 11:29 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2017-05-15 11:29 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2017-05-15 05:17 - 2017-05-15 05:17 - 00000000 ____D C:\ProgramData\Sophos
2017-05-15 05:16 - 2017-05-15 05:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-05-15 05:16 - 2017-05-15 05:16 - 00000000 ____D C:\Program Files (x86)\Sophos
2017-05-15 04:37 - 2017-05-15 04:37 - 00000000 ____D C:\Program Files\Subtitle Edit
2017-05-15 04:22 - 2017-05-15 04:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-13 20:02 - 2017-05-13 20:02 - 00002950 _____ C:\Windows\System32\Tasks\{BBD3ECE1-1D97-4798-B245-13DD62C4D014}
2017-05-13 20:00 - 2017-05-13 20:00 - 00002950 _____ C:\Windows\System32\Tasks\{8FA27A29-161C-4214-8B1E-020C8382E4ED}
2017-05-13 19:43 - 2017-05-15 11:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2017-05-13 19:43 - 2017-05-13 20:20 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-13 19:43 - 2017-05-13 20:20 - 00000000 ____D C:\ProgramData\Skype
2017-05-13 19:43 - 2017-05-13 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-13 18:27 - 2017-05-13 18:27 - 00001989 _____ C:\Users\Public\Desktop\Microsoft LifeCam.lnk
2017-05-13 18:27 - 2017-05-13 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
2017-05-13 18:27 - 2017-05-13 18:27 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2017-05-13 18:27 - 2017-05-13 18:27 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam
2017-05-13 06:22 - 2017-05-13 06:22 - 00000000 ____D C:\Users\User\AppData\Local\ESET
2017-05-13 05:58 - 2017-05-13 05:59 - 45296215 _____ C:\Users\User\Desktop\Parkour.com - An iconic documentary from the old school that we....MP4
2017-05-13 05:51 - 2017-05-19 21:01 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-05-13 05:51 - 2017-05-19 21:01 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-05-13 05:51 - 2017-05-19 21:00 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-13 05:51 - 2017-05-19 17:47 - 00187320 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-05-13 05:51 - 2017-05-15 04:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-13 05:51 - 2017-05-13 06:17 - 00084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-05-13 05:51 - 2017-05-13 05:51 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-13 05:51 - 2017-05-09 16:37 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-05-13 05:43 - 2017-05-13 17:32 - 00000000 ____D C:\Users\User\Desktop\Report
2017-05-12 22:51 - 2017-05-12 22:51 - 00000000 ____D C:\Users\User\AppData\Local\CrashRpt
2017-05-12 22:51 - 2017-05-12 22:51 - 00000000 ____D C:\ProgramData\Hotspot Shield
2017-05-12 22:51 - 2017-05-12 22:51 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2017-05-12 22:48 - 2017-05-12 22:48 - 00000000 ____D C:\Users\Guest\AppData\Local\Windscribe
2017-05-11 22:08 - 2017-05-11 22:49 - 00000000 ____D C:\ProgramData\Emsisoft
2017-05-11 21:11 - 2017-05-11 21:11 - 00080689 _____ C:\Users\User\Downloads\IDMGCExt.crx
2017-05-11 11:48 - 2017-05-11 11:54 - 63035592 _____ (Malwarebytes ) C:\Users\User\Downloads\mb3-setup-1878.1878-3.1.2.1733.exe
2017-05-11 08:49 - 2017-05-19 21:24 - 00000000 ____D C:\Users\User\AppData\LocalLow\uTorrent
2017-05-11 03:13 - 2017-05-11 03:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe
2017-05-11 03:12 - 2017-04-21 04:16 - 00045560 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapwindscribe0901.sys
2017-05-11 03:08 - 2017-05-11 03:09 - 15139472 _____ (Windscribe ) C:\Users\User\Downloads\Windscribe.exe
2017-05-11 03:07 - 2017-05-11 03:08 - 00326834 _____ C:\Users\User\Downloads\Unconfirmed 234639.crdownload
2017-05-11 03:01 - 2017-05-11 03:15 - 00000000 ____D C:\Windows\System32\Tasks\MyTasks
2017-05-10 20:59 - 2017-05-11 07:53 - 00000000 ____D C:\Users\User\AppData\Local\FSDART
2017-05-10 20:59 - 2017-05-10 21:12 - 00000000 ____D C:\ProgramData\F-Secure
2017-05-10 20:59 - 2017-05-10 20:59 - 00000000 ____D C:\Users\User\AppData\Local\F-Secure
2017-05-10 20:58 - 2017-05-10 20:58 - 00524248 _____ (F-Secure Corporation) C:\Users\User\Downloads\F-SecureOnlineScanner.exe
2017-05-10 02:19 - 2017-05-10 09:13 - 00000000 ____D C:\Memory
2017-05-09 22:17 - 2017-05-11 12:38 - 00000000 ____D C:\Users\User\Desktop\Physics
2017-05-09 21:15 - 2017-05-09 21:43 - 229393707 _____ C:\Users\Guest\Desktop\Nuova Evangelizzazione ed Educazione - don Carlo Nanni.mp4
2017-05-09 21:14 - 2017-05-09 21:14 - 00290507 _____ C:\Users\Guest\Desktop\immagini.pdf
2017-05-09 21:12 - 2017-05-09 21:12 - 00290507 _____ C:\Users\Guest\Downloads\immagini.pdf
2017-05-09 21:09 - 2017-05-19 21:09 - 00000000 ____D C:\Users\Guest\AppData\Roaming\DMCache
2017-05-09 21:09 - 2017-05-09 21:15 - 00000000 ____D C:\Users\Guest\AppData\Roaming\IDM
2017-05-09 21:09 - 2017-05-09 21:09 - 00000000 ____D C:\Users\Guest\Downloads\Video
2017-05-09 21:09 - 2017-05-09 21:09 - 00000000 ____D C:\Users\Guest\Downloads\Compressed
2017-05-05 10:35 - 2017-05-05 10:35 - 00000000 ____D C:\Users\User\AppData\Roaming\Eidos
2017-05-05 10:17 - 2017-05-05 10:17 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos
2017-05-05 10:13 - 2017-05-05 10:35 - 00000000 ____D C:\Reservoir Dogs
2017-05-05 10:09 - 2017-05-05 10:09 - 00000000 ____D C:\Windows\Downloaded Installations
2017-05-03 22:19 - 2017-05-03 22:25 - 00000000 ____D C:\Users\User\Desktop\Limbo
2017-05-03 21:31 - 2017-05-03 21:31 - 00130150 _____ C:\Users\User\Downloads\limbofile.zip
2017-05-03 19:42 - 2017-05-03 19:42 - 00000000 ____D C:\Windows\SysWOW64\GOG.com
2017-05-03 19:42 - 2017-05-03 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-05-03 19:42 - 2017-05-03 19:42 - 00000000 ____D C:\ProgramData\GOG.com
2017-05-03 19:12 - 2017-05-03 19:12 - 00029082 _____ C:\Users\User\Downloads\Limbo-GOG.torrent
2017-05-02 01:42 - 2017-05-02 01:43 - 00019492 _____ C:\Users\Guest\Downloads\avemaria.mid
2017-04-29 20:51 - 2017-04-29 20:51 - 00000000 ____D C:\Users\User\AppData\Roaming\Google
2017-04-28 02:26 - 2017-04-28 14:17 - 790974464 _____ C:\Users\User\Outlast.Incl.Whistleblower.DLC.v2.1.0.8-GOG.iso
2017-04-28 01:58 - 2017-04-28 01:58 - 00120601 _____ C:\Users\User\Downloads\Outlast.2-CODEX.torrent
2017-04-28 01:57 - 2017-04-28 01:57 - 00025087 _____ C:\Users\User\Downloads\Outlast.Incl.Whistleblower.DLC.v2.1.0.8-GOG.torrent
2017-04-28 00:16 - 2017-05-15 04:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2017-04-28 00:16 - 2017-05-10 11:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Subtitle Edit
2017-04-28 00:16 - 2017-04-28 00:16 - 00000000 ____D C:\Program Files (x86)\Subtitle Edit
2017-04-27 23:33 - 2017-05-19 16:31 - 00000000 ____D C:\Users\User\Desktop\subs
2017-04-26 00:15 - 2017-04-26 00:15 - 00000000 ____D C:\Users\User\AppData\Local\TeamViewer
2017-04-25 23:54 - 2017-04-25 23:54 - 00001003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-04-25 23:54 - 2016-11-28 12:55 - 00035112 _____ (TeamViewer GmbH) C:\Windows\system32\Drivers\teamviewervpn.sys
2017-04-25 21:30 - 2017-04-25 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2017-04-25 21:30 - 2017-04-25 21:30 - 00000000 ____D C:\Program Files\TAP-Windows
2017-04-22 21:47 - 2017-05-12 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2017-04-22 21:38 - 2017-04-22 21:38 - 00050208 _____ (SoftEther Corporation) C:\Windows\system32\Drivers\see.sys
2017-04-22 21:36 - 2017-04-22 21:36 - 00143816 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2017-04-22 21:26 - 2017-04-22 21:30 - 54267860 _____ C:\Users\User\Downloads\vpngate-client-2017.04.23-build-9634.138230.zip
2017-04-22 20:17 - 2017-04-22 22:25 - 00000302 _____ C:\Users\User\Desktop\details.txt
2017-04-22 20:06 - 2017-04-22 20:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BleachBit
2017-04-22 20:06 - 2017-04-22 20:06 - 00000000 ____D C:\Users\User\AppData\Roaming\BleachBit
2017-04-22 20:06 - 2017-04-22 20:06 - 00000000 ____D C:\Program Files (x86)\BleachBit
2017-04-22 20:04 - 2017-04-22 20:22 - 00000000 ____D C:\Program Files\CyberGhost VPN
2017-04-22 19:58 - 2015-04-26 14:39 - 00460288 _____ (Hide My IP) C:\Windows\system32\HMIPCore64.dll
2017-04-22 19:58 - 2015-04-26 14:38 - 00353280 _____ (Hide My IP) C:\Windows\SysWOW64\HMIPCore.dll
2017-04-22 10:47 - 2017-04-22 10:47 - 00011968 _____ C:\Users\User\Downloads\The Last Samurai (2003) [1080p] [YTS.AG].torrent
2017-04-22 03:30 - 2017-05-13 12:21 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2017-04-22 03:30 - 2017-04-22 03:30 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk
2017-04-22 03:30 - 2017-04-22 03:30 - 00000000 ____D C:\Users\User\AppData\Roaming\NCH Software
2017-04-22 03:30 - 2017-04-22 03:30 - 00000000 ____D C:\ProgramData\NCH Software
2017-04-22 03:30 - 2017-04-22 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
2017-04-22 03:30 - 2017-04-22 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2017-04-22 03:30 - 2017-04-22 03:30 - 00000000 ____D C:\Program Files (x86)\NCH Software
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-05-20 00:48 - 2016-09-23 17:57 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2017-05-20 00:35 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2017-05-20 00:31 - 2017-04-18 22:52 - 00000000 ____D C:\Users\User\AppData\Roaming\HexChat
2017-05-19 23:50 - 2017-04-11 22:55 - 00000000 ____D C:\Users\User\AppData\Roaming\DMCache
2017-05-19 22:44 - 2016-11-26 11:18 - 07142342 _____ C:\Windows\ntbtlog.txt
2017-05-19 22:42 - 2017-04-11 22:55 - 00000000 ____D C:\Users\User\Downloads\Video
2017-05-19 22:14 - 2016-07-24 00:11 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2017-05-19 21:08 - 2009-07-14 06:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-19 21:08 - 2009-07-14 06:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-19 20:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-19 17:57 - 2016-11-26 09:27 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-05-19 16:24 - 2016-12-08 23:01 - 00005826 _____ C:\Users\User\Desktop\WNetWatcher.cfg
2017-05-18 12:57 - 2017-04-15 04:08 - 00000000 ____D C:\WarThunder
2017-05-18 05:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-05-16 13:07 - 2009-07-14 07:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-16 13:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-05-16 05:25 - 2016-07-23 22:06 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-15 23:24 - 2016-09-20 21:20 - 00001409 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-05-15 16:07 - 2016-07-23 20:54 - 00001413 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-05-15 15:58 - 2016-07-24 06:36 - 00000000 ____D C:\Windows\Panther
2017-05-15 15:53 - 2009-07-14 06:45 - 00408152 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-15 15:51 - 2016-11-04 00:55 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-05-15 15:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2017-05-15 15:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-05-15 15:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-15 15:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-05-15 15:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-15 15:49 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2017-05-15 15:48 - 2010-11-21 09:16 - 00000000 ____D C:\Program Files\Windows Journal
2017-05-15 15:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2017-05-15 14:02 - 2016-09-03 21:56 - 00765700 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-05-15 04:38 - 2016-11-15 20:43 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2017-05-13 19:31 - 2016-07-24 00:27 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2017-05-13 19:13 - 2016-07-24 00:14 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-13 18:59 - 2016-11-12 22:49 - 00000581 _____ C:\Users\User\Desktop\Notes.txt
2017-05-13 17:22 - 2016-07-23 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-13 15:40 - 2016-11-15 20:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-12 14:37 - 2016-11-25 20:00 - 00000000 ____D C:\Users\User\Desktop\New folder
2017-05-11 22:57 - 2017-04-15 09:47 - 00000000 ____D C:\Program Files\Intel Driver Update Utility
2017-05-11 22:57 - 2017-04-15 09:47 - 00000000 ____D C:\Program Files\Intel
2017-05-11 20:17 - 2017-04-11 22:55 - 00000000 ____D C:\Users\User\AppData\Roaming\IDM
2017-05-11 07:54 - 2017-04-01 01:02 - 00000000 ____D C:\Program Files (x86)\Windscribe
2017-05-11 03:20 - 2016-09-23 17:55 - 00000000 ___SD C:\Users\User\AppData\LocalLow\Temp
2017-05-11 01:46 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-11 01:45 - 2016-09-23 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2017-05-10 20:42 - 2017-04-15 23:28 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2017-05-06 20:53 - 2016-07-23 21:18 - 00111296 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2017-05-05 14:05 - 2016-09-20 21:20 - 00000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2017-05-05 13:34 - 2016-09-20 21:20 - 00111296 _____ C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2017-05-05 10:33 - 2016-09-26 20:56 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-05-05 10:17 - 2016-11-25 00:54 - 00000000 ____D C:\Users\User\Desktop\new music to use
2017-05-05 09:10 - 2016-09-24 22:44 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-30 00:17 - 2016-07-23 21:56 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-30 00:17 - 2016-07-23 21:56 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-25 23:54 - 2016-11-04 00:55 - 00000000 ____D C:\Users\User\AppData\Roaming\TeamViewer
2017-04-22 22:33 - 2016-09-21 21:33 - 00000000 ____D C:\ProgramData\TEMP
2017-04-22 22:29 - 2016-07-23 20:54 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore
2017-04-22 20:07 - 2016-07-24 00:47 - 01843475 ____H C:\Users\User\AppData\Local\IconCache.db.backup
 
==================== Files in the root of some directories =======
 
2017-02-18 17:42 - 2017-02-18 17:42 - 0000096 _____ () C:\Users\User\AppData\Roaming\version2.xml
2016-09-02 15:47 - 2017-02-23 15:04 - 0007603 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2017-04-15 23:28 - 2017-04-15 23:29 - 0000552 _____ () C:\Users\User\AppData\Local\TroubleshooterConfig.json
2016-12-16 20:43 - 2016-12-16 20:43 - 0004096 _____ () C:\ProgramData\dfnpcrng.nwi
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-05-13 05:27
 
==================== End of FRST.txt ============================

Attached Files



BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 37,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:17 PM

Posted 22 May 2017 - 08:40 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
SearchScopes: HKU\S-1-5-21-126985369-209226206-3696806243-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll => No File
Toolbar: HKU\S-1-5-21-126985369-209226206-3696806243-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
FF Extension: (ClipConverter) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dwmq251p.default\Extensions\clipconverter@clipconverter.cc.xpi [2016-12-30]
FF Extension: (SaveFrom.net helper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dwmq251p.default\Extensions\helper-sig@savefrom.net.xpi [2017-05-13]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-126985369-209226206-3696806243-1000: @nsroblox.roblox.com/launcher -> C:\Users\User\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy.dll [No File]
FF Plugin HKU\S-1-5-21-126985369-209226206-3696806243-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\User\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy64.dll [No File]
CHR Extension: (Avast SafePrice) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-04-28]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-05-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-28]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR HKU\S-1-5-21-126985369-209226206-3696806243-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-11-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-11-26]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [135]
C:\Users\User\AppData\Roaming\version2.xml

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
===

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

If still present after the update you can remove the old versions of Java via the Control Panel > Programs > Programs and Features.
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
===

Please post the logs and let me know what problem persists with this computer.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 37,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:17 PM

Posted 28 May 2017 - 08:22 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users