Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Maybe Urgent, it's been a day - Backdoor.XTRat


  • This topic is locked This topic is locked
4 replies to this topic

#1 Uplink1209

Uplink1209

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:21 AM

Posted 17 February 2018 - 12:39 PM

I've run Malwarebytes and any antivirus I could but this one detection still keeps coming back after every restart. Malwarebytes detects it as "Backdoor.XTRat" and it's found as C/Windows/Microsoft/Svchost.exe
Can anyone help me remove it?

BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,964 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:21 PM

Posted 17 February 2018 - 01:48 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===


Please post the logs for my review.

Need also to see the MBAM log for analyses.

Edited by nasdaq, 17 February 2018 - 01:49 PM.


#3 Uplink1209

Uplink1209
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:21 AM

Posted 17 February 2018 - 10:20 PM

Hi nasdaq, I ran MBAM anti-rootkit yesterday while waiting for a reply and it seems to have gotten rid of it. Could you check if i'm already clean?

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.02.2018
Ran by Uplink1209 (administrator) on ADMIN (18-02-2018 10:59:47)
Running from C:\Users\Uplink1209\Desktop\FRST
Loaded Profiles: PC admin & Uplink1209 &  (Available Profiles: PC admin & Uplink1209)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Garena Online ) C:\Program Files (x86)\Garena\Garena\2.0.1711.0815\gxxsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Pen Tablet Driver) C:\Windows\System32\PenTabletService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Pen Tablet Driver) C:\Windows\System32\PenTabletClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Discord Inc.) C:\Users\Uplink1209\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Uplink1209\AppData\Local\Discord\app-0.0.300\Discord.exe
() C:\Program Files (x86)\Gaming Mouse\Monitor.exe
(Discord Inc.) C:\Users\Uplink1209\AppData\Local\Discord\app-0.0.300\Discord.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2017-10-26] (IDT, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-10] (Oracle Corporation)
HKLM-x32\...\Run: [Gaming Mouse Driver] => C:\Program Files (x86)\Gaming Mouse\Monitor.EXE [491520 2015-01-22] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Kraken71ChromaHelper] => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe [1600096 2017-02-14] (Razer Inc)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-303350786-1125687927-30880191-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-16] (Valve Corporation)
HKU\S-1-5-21-303350786-1125687927-30880191-1001\...\Run: [uTorrent] => C:\Users\Uplink1209\AppData\Roaming\uTorrent\uTorrent.exe [1981624 2018-02-15] (BitTorrent Inc.)
HKU\S-1-5-21-303350786-1125687927-30880191-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1206600 2018-02-07] ()
HKU\S-1-5-21-303350786-1125687927-30880191-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-303350786-1125687927-30880191-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-303350786-1125687927-30880191-1001\...\Run: [MAXJoypad] => C:\Program Files (x86)\MAXJoypad\MaxJoypadMonitor.exe --minimized
HKU\S-1-5-21-303350786-1125687927-30880191-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105550434\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-16] (Valve Corporation)
HKU\S-1-5-21-303350786-1125687927-30880191-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105550434\...\Run: [uTorrent] => C:\Users\Uplink1209\AppData\Roaming\uTorrent\uTorrent.exe [1981624 2018-02-15] (BitTorrent Inc.)
HKU\S-1-5-21-303350786-1125687927-30880191-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105550434\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1206600 2018-02-07] ()
HKU\S-1-5-21-303350786-1125687927-30880191-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105550434\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-303350786-1125687927-30880191-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105550434\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-303350786-1125687927-30880191-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105550434\...\Run: [MAXJoypad] => C:\Program Files (x86)\MAXJoypad\MaxJoypadMonitor.exe --minimized
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-16] (Valve Corporation)
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-15] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [1348072 2017-12-28] ()
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\Run: [Turn Off Monitor] => C:\Program Files (x86)\Turn Off Monitor\TurnOffMon.exe [20480 2009-01-19] ()
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\Run: [Auto LogOff] => C:\Program Files (x86)\Turn Off Monitor\AutoLogOff.exe [36864 2009-03-26] (RTSoftwares.com)
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\Run: [Discord] => C:\Users\Uplink1209\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\Run: [uTorrent] => C:\Users\Uplink1209\AppData\Roaming\uTorrent\uTorrent.exe [1981624 2018-02-15] (BitTorrent Inc.)
HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-16] (Valve Corporation)
HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-15] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [1348072 2017-12-28] ()
HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\Run: [Turn Off Monitor] => C:\Program Files (x86)\Turn Off Monitor\TurnOffMon.exe [20480 2009-01-19] ()
HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\Run: [Auto LogOff] => C:\Program Files (x86)\Turn Off Monitor\AutoLogOff.exe [36864 2009-03-26] (RTSoftwares.com)
HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\Run: [Discord] => C:\Users\Uplink1209\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\Run: [uTorrent] => C:\Users\Uplink1209\AppData\Roaming\uTorrent\uTorrent.exe [1981624 2018-02-15] (BitTorrent Inc.)
Startup: C:\Users\Uplink1209\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2017-03-04]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{39826CA0-0D6D-4C01-92D0-3AA7A77FFE88}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{3DFFA7CE-F522-4D7C-8F4F-8A5B9EC908D7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E323D9DC-C88D-4C2A-AC43-B122AF96980E}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-303350786-1125687927-30880191-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://u.msn.com/id-id/?ocid=iehp
HKU\S-1-5-21-303350786-1125687927-30880191-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105550434\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://u.msn.com/id-id/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-303350786-1125687927-30880191-1003 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
SearchScopes: HKU\S-1-5-21-303350786-1125687927-30880191-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
SearchScopes: HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-26] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-26] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07] (HP Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-24] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07] (HP Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-303350786-1125687927-30880191-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Uplink1209\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-09] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Uplink1209\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-09] (Unity Technologies ApS)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com.sg/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default [2018-02-18]
CHR Extension: (Slides) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Search items between steam friends.) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajlddciniccidokpjhppahkoefohkchg [2018-01-12]
CHR Extension: (Theme Creator) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2017-01-15]
CHR Extension: (Docs) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-02]
CHR Extension: (YouTube) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-02]
CHR Extension: (Adblock Plus) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-28]
CHR Extension: (Steam Inventory Helper) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2018-02-02]
CHR Extension: (Tampermonkey) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-01-28]
CHR Extension: (Kahoot Bot) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbpfibfmcimnclopkpcleadeipgkenic [2017-06-27]
CHR Extension: (Sheets) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs Offline) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-03]
CHR Extension: (Vysor) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2018-02-02]
CHR Extension: (Essentials for KissAnime) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaicfjhjlblbkhejmkfimkafjchdnafm [2017-12-16]
CHR Extension: (Sendai) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\jppihodghgfehkfmhjckhlohickmmmlm [2018-02-17]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2018-01-21]
CHR Extension: (Project Naptha) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\molncoemjfmpgdkbdlbjmhlcgniigdnf [2016-09-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (AdSkipper) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2018-01-19]
CHR Extension: (Gmail) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-06-08] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526376 2017-12-30] (EasyAntiCheat Ltd)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 GarenaPlatform; C:\Program Files (x86)\Garena\Garena\2.0.1711.0815\gxxsvc.exe [326024 2017-11-08] (Garena Online )
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-20] (Hi-Rez Studios) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2018-02-16] (SurfRight B.V.)
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [373432 2014-05-23] (Hewlett-Packard Development Company, L.P.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
S4 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [135408 2015-06-18] (Intel Corporation)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-05-12] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2147216 2017-05-12] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3116440 2017-05-12] (Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1452360 2018-02-07] (Overwolf LTD)
R2 PenTabletService; C:\Windows\System32\PenTabletService.exe [100072 2014-03-20] (Pen Tablet Driver)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-08-07] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [179840 2017-08-07] (Razer Inc.)
S3 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-04-19] (Razer Inc)
S3 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183680 2017-04-14] (Razer Inc.)
S3 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [252176 2017-04-28] (Razer Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-15] (Sandboxie Holdings, LLC)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339968 2017-10-26] (IDT, Inc.) [File not signed]
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [814064 2015-12-23] (Tunngle.net GmbH) [File not signed]
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-06-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-13] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-13] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1448248 2017-10-26] (Motorola Solutions, Inc.)
R3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [33592 2016-09-28] (Dev47Apps)
R3 DroidCamVideo; C:\Windows\system32\DRIVERS\droidcamvideo.sys [230712 2016-09-28] (Windows ® Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-04] (Disc Soft Ltd)
R3 GMLXDFltr01; C:\Windows\system32\drivers\GMLXDFltr01.sys [10752 2014-07-24] (LXD Development, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-10-26] (REALiX™)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2017-10-26] ()
R3 ladfGSS; C:\Windows\system32\drivers\ladfGSS.sys [45192 2017-08-18] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.)
S3 maxjoypad; C:\Windows\System32\drivers\maxjoypad.sys [18880 2016-08-05] (Windows ® Win 7 DDK provider)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-02-18] (Malwarebytes)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew01.sys [3354384 2015-05-04] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2018-02-17] (Greatis Software)
S3 PTTblHid; C:\Windows\system32\DRIVERS\PTTblHid.sys [33000 2014-03-20] (Tablet Driver)
S3 PTTPCHid; C:\Windows\system32\DRIVERS\PTTPCHid.sys [19688 2014-03-20] (PenTablet Driver for TabletPC)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [43256 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137208 2017-08-19] (Razer, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-15] (Sandboxie Holdings, LLC)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [47736 2015-12-22] (Tunngle.net)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-02-16] ()
S3 VBAudioVMVAIOMME; C:\Windows\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2015-12-01] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-13] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-13] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31656 2017-10-26] (HP)
S3 BstkDrv; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-18 10:58 - 2018-02-18 10:59 - 000000000 ____D C:\Users\Uplink1209\Desktop\FRST
2018-02-18 10:58 - 2018-02-18 10:59 - 000000000 ____D C:\FRST
2018-02-18 10:58 - 2018-02-18 10:58 - 002403840 _____ (Farbar) C:\Users\Uplink1209\Downloads\FRST64.exe
2018-02-18 10:54 - 2018-02-18 10:54 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-02-17 23:37 - 2018-02-17 23:37 - 000000222 _____ C:\Users\Uplink1209\Desktop\War Thunder.url
2018-02-17 20:56 - 2018-02-17 20:56 - 000040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2018-02-17 17:05 - 2018-02-17 17:05 - 000003328 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
2018-02-17 17:05 - 2018-02-17 17:05 - 000001015 _____ C:\Users\Uplink1209\Desktop\UnHackMe.lnk
2018-02-17 17:05 - 2018-02-17 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2018-02-17 17:02 - 2018-02-17 17:56 - 000000000 ____D C:\Users\Uplink1209\Desktop\mbar
2018-02-17 17:02 - 2018-02-17 17:56 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-02-17 17:02 - 2018-02-17 17:02 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Uplink1209\Downloads\mbar-1.10.3.1001.exe
2018-02-17 17:02 - 2018-02-17 17:02 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\A13D340E.sys
2018-02-17 17:02 - 2018-02-17 17:02 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2018-02-17 17:01 - 2018-02-17 17:02 - 018212798 _____ C:\Users\Uplink1209\Downloads\unhackmeb (2).zip
2018-02-17 15:01 - 2018-02-17 15:01 - 000000000 ____D C:\Users\Uplink1209\AppData\LocalLow\uTorrent
2018-02-16 18:20 - 2018-02-06 04:38 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-02-16 18:20 - 2018-02-06 04:38 - 000177648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-16 18:16 - 2018-02-16 18:16 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-16 18:07 - 2018-02-16 18:07 - 000000000 ____D C:\Users\PC admin\AppData\Local\Razer
2018-02-16 17:54 - 2017-11-02 10:15 - 000690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2018-02-16 17:54 - 2017-11-02 10:15 - 000485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2018-02-16 17:53 - 2017-11-02 10:15 - 000993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2018-02-16 17:53 - 2017-11-02 10:15 - 000987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2018-02-16 17:19 - 2018-02-16 17:19 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-02-16 17:19 - 2018-02-16 17:19 - 000000000 ____D C:\Users\PC admin\AppData\Roaming\Adobe
2018-02-16 17:18 - 2018-02-16 17:18 - 000000000 ____D C:\ProgramData\RogueKiller
2018-02-16 17:17 - 2018-02-16 17:17 - 026937928 _____ (Adlice Software) C:\Users\PC admin\Downloads\RogueKiller_portable64.exe
2018-02-16 17:10 - 2018-02-16 17:10 - 000000000 ____D C:\Users\PC admin\AppData\Roaming\Garena
2018-02-16 17:05 - 2018-02-16 17:31 - 000000000 ____D C:\Users\PC admin\AppData\Local\LogMeIn Hamachi
2018-02-16 17:05 - 2018-02-16 17:06 - 000002271 _____ C:\Users\PC admin\Desktop\Google Chrome.lnk
2018-02-16 17:05 - 2018-02-16 17:05 - 000000258 __RSH C:\Users\PC admin\ntuser.pol
2018-02-16 17:05 - 2018-02-16 17:05 - 000000000 ____D C:\Users\PC admin\AppData\Local\LogMeIn
2018-02-16 17:05 - 2018-02-16 17:05 - 000000000 ____D C:\Users\PC admin\AppData\Local\Logitech
2018-02-16 15:43 - 2018-02-16 15:43 - 000003072 _____ C:\Windows\system32\.crusader
2018-02-16 15:10 - 2018-01-21 19:09 - 000145080 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-16 15:10 - 2018-01-21 14:13 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-16 15:10 - 2018-01-21 14:13 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-16 15:10 - 2018-01-21 14:13 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-16 15:10 - 2018-01-21 14:13 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-16 15:10 - 2018-01-21 14:13 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-16 15:10 - 2018-01-21 14:13 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-16 15:10 - 2018-01-21 14:13 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-16 15:10 - 2018-01-21 14:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-16 15:10 - 2018-01-21 14:13 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-16 15:08 - 2018-02-10 15:19 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-02-16 15:08 - 2018-02-10 15:06 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-02-16 15:08 - 2018-02-10 13:54 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-02-16 15:08 - 2018-02-10 13:35 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-02-16 15:08 - 2018-01-02 13:28 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-02-16 15:08 - 2018-01-02 13:17 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-02-16 15:08 - 2017-12-29 16:21 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-02-16 15:08 - 2017-12-10 21:46 - 007079424 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2018-02-16 15:08 - 2017-12-10 21:24 - 005275136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2018-02-16 15:08 - 2017-12-10 21:06 - 007797760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-02-16 15:08 - 2017-12-10 20:59 - 005270528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-02-16 15:08 - 2017-06-14 01:07 - 000304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2018-02-16 15:08 - 2017-06-02 18:25 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-02-16 15:08 - 2017-04-16 15:02 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-02-16 15:08 - 2017-02-12 00:42 - 000204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2018-02-16 15:08 - 2016-12-25 08:48 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2018-02-16 15:08 - 2016-12-25 07:39 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2018-02-16 15:07 - 2018-02-10 16:44 - 025740288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-02-16 15:07 - 2018-02-10 15:16 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-02-16 15:07 - 2018-02-10 15:16 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-02-16 15:07 - 2018-02-10 15:09 - 005782016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-02-16 15:07 - 2018-02-10 15:06 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-02-16 15:07 - 2018-02-10 14:48 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-02-16 15:07 - 2018-02-10 14:47 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-02-16 15:07 - 2018-02-10 14:46 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-02-16 15:07 - 2018-02-10 14:41 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-02-16 15:07 - 2018-02-10 14:36 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-02-16 15:07 - 2018-02-10 14:36 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-02-16 15:07 - 2018-02-10 14:34 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-02-16 15:07 - 2018-02-10 14:32 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-02-16 15:07 - 2018-02-10 14:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-02-16 15:07 - 2018-02-10 14:20 - 020274176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-02-16 15:07 - 2018-02-10 14:14 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-02-16 15:07 - 2018-02-10 14:02 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-02-16 15:07 - 2018-02-10 13:57 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-02-16 15:07 - 2018-02-10 13:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-02-16 15:07 - 2018-02-10 13:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-02-16 15:07 - 2018-02-10 13:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-02-16 15:07 - 2018-02-10 13:35 - 004498944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-02-16 15:07 - 2018-02-10 13:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-02-16 15:07 - 2018-02-10 13:35 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2018-02-16 15:07 - 2018-02-10 13:33 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-02-16 15:07 - 2018-02-10 13:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-02-16 15:07 - 2018-02-10 13:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-02-16 15:07 - 2018-02-10 13:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-02-16 15:07 - 2018-02-10 13:27 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-02-16 15:07 - 2018-02-10 13:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-02-16 15:07 - 2018-02-10 13:10 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-02-16 15:07 - 2018-02-10 13:08 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-02-16 15:07 - 2018-02-03 14:04 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-02-16 15:07 - 2018-02-03 14:03 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-02-16 15:07 - 2018-02-03 07:53 - 007408984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-02-16 15:07 - 2018-01-21 19:54 - 000419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-02-16 15:07 - 2018-01-13 09:18 - 002452824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-02-16 15:07 - 2018-01-13 05:42 - 000376664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-02-16 15:07 - 2018-01-13 02:31 - 004690944 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-02-16 15:07 - 2018-01-13 01:35 - 003553280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-02-16 15:07 - 2018-01-12 02:19 - 000032384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-02-16 15:07 - 2018-01-12 01:56 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-02-16 15:07 - 2018-01-12 01:07 - 000748032 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-02-16 15:07 - 2018-01-09 14:21 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-02-16 15:07 - 2018-01-09 14:18 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-02-16 15:07 - 2018-01-02 16:00 - 000590680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2018-02-16 15:07 - 2018-01-02 16:00 - 000242520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-02-16 15:07 - 2018-01-02 16:00 - 000214392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2018-02-16 15:07 - 2018-01-02 15:56 - 002530400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-02-16 15:07 - 2018-01-02 15:56 - 000567656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-02-16 15:07 - 2018-01-02 15:56 - 000397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2018-02-16 15:07 - 2018-01-02 15:56 - 000136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2018-02-16 15:07 - 2018-01-02 14:39 - 022374248 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-02-16 15:07 - 2018-01-02 14:39 - 002013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-02-16 15:07 - 2018-01-02 14:39 - 000354648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-02-16 15:07 - 2018-01-02 14:38 - 002176064 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-02-16 15:07 - 2018-01-02 14:38 - 001662096 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-02-16 15:07 - 2018-01-02 14:38 - 001063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-02-16 15:07 - 2018-01-02 14:37 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-02-16 15:07 - 2018-01-02 14:37 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-02-16 15:07 - 2018-01-02 14:37 - 001536120 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-02-16 15:07 - 2018-01-02 14:37 - 001500432 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-02-16 15:07 - 2018-01-02 14:37 - 001371352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-02-16 15:07 - 2018-01-02 14:37 - 001135280 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-02-16 15:07 - 2018-01-02 14:37 - 000685440 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-02-16 15:07 - 2018-01-02 14:35 - 001307840 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-02-16 15:07 - 2018-01-02 14:35 - 000989528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-02-16 15:07 - 2018-01-02 14:05 - 000164296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2018-02-16 15:07 - 2018-01-02 14:03 - 000341384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2018-02-16 15:07 - 2018-01-02 14:01 - 001902328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-02-16 15:07 - 2018-01-02 14:00 - 019790760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-02-16 15:07 - 2018-01-02 13:59 - 001565520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-02-16 15:07 - 2018-01-02 13:59 - 001213784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-02-16 15:07 - 2018-01-02 13:58 - 001502000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-02-16 15:07 - 2018-01-02 13:48 - 000507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-02-16 15:07 - 2018-01-02 13:40 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-02-16 15:07 - 2018-01-02 13:39 - 000402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-02-16 15:07 - 2018-01-02 13:39 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2018-02-16 15:07 - 2018-01-02 13:39 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-02-16 15:07 - 2018-01-02 13:39 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-02-16 15:07 - 2018-01-02 13:38 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2018-02-16 15:07 - 2018-01-02 13:38 - 000445952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2018-02-16 15:07 - 2018-01-02 13:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-02-16 15:07 - 2018-01-02 13:38 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2018-02-16 15:07 - 2018-01-02 13:38 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-02-16 15:07 - 2018-01-02 13:38 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-02-16 15:07 - 2018-01-02 13:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbusr.sys
2018-02-16 15:07 - 2018-01-02 13:37 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-02-16 15:07 - 2018-01-02 13:34 - 000360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-02-16 15:07 - 2018-01-02 13:31 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2018-02-16 15:07 - 2018-01-02 13:28 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-02-16 15:07 - 2018-01-02 13:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-02-16 15:07 - 2018-01-02 13:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-02-16 15:07 - 2018-01-02 13:18 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-02-16 15:07 - 2018-01-02 13:09 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-02-16 15:07 - 2018-01-02 13:06 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-02-16 15:07 - 2018-01-02 13:02 - 000862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-02-16 15:07 - 2018-01-02 12:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-02-16 15:07 - 2018-01-02 12:59 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-02-16 15:07 - 2018-01-02 12:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-02-16 15:07 - 2018-01-02 12:56 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-02-16 15:07 - 2018-01-02 12:51 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-02-16 15:07 - 2018-01-02 12:45 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-02-16 15:07 - 2018-01-02 12:44 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-02-16 15:07 - 2018-01-02 12:41 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-02-16 15:07 - 2018-01-02 12:40 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-02-16 15:07 - 2018-01-02 12:40 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-02-16 15:07 - 2018-01-02 12:37 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-02-16 15:07 - 2018-01-02 12:34 - 001217536 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-02-16 15:07 - 2018-01-02 12:34 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-02-16 15:07 - 2018-01-02 12:34 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-02-16 15:07 - 2018-01-02 12:33 - 001080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-02-16 15:07 - 2018-01-02 12:33 - 000845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-02-16 15:07 - 2018-01-02 12:33 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-02-16 15:07 - 2018-01-02 12:32 - 000571392 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-02-16 15:07 - 2018-01-02 12:29 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-02-16 15:07 - 2018-01-02 12:27 - 001696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-02-16 15:07 - 2018-01-02 12:27 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-02-16 15:07 - 2018-01-02 12:25 - 000795648 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-02-16 15:07 - 2018-01-02 12:23 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-02-16 15:07 - 2018-01-02 12:22 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-02-16 15:07 - 2018-01-02 12:21 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-02-16 15:07 - 2018-01-02 12:18 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-02-16 15:07 - 2018-01-02 12:17 - 001547264 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-02-16 15:07 - 2018-01-02 12:17 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-02-16 15:07 - 2018-01-02 12:17 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-02-16 15:07 - 2018-01-02 12:16 - 000881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-02-16 15:07 - 2018-01-02 12:16 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-02-16 15:07 - 2018-01-02 12:16 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-02-16 15:07 - 2018-01-02 12:13 - 002252800 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-02-16 15:07 - 2018-01-02 12:13 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-02-16 15:07 - 2018-01-02 12:12 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-02-16 15:07 - 2018-01-02 12:11 - 000185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-02-16 15:07 - 2018-01-02 12:11 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-02-16 15:07 - 2018-01-02 12:09 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-02-16 15:07 - 2018-01-02 12:09 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-02-16 15:07 - 2018-01-02 12:09 - 000543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-02-16 15:07 - 2018-01-02 12:07 - 001265664 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-02-16 15:07 - 2018-01-02 12:07 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-02-16 15:07 - 2018-01-02 12:06 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-02-16 15:07 - 2018-01-02 11:59 - 000177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-02-16 15:07 - 2018-01-02 11:57 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-02-16 15:07 - 2018-01-02 11:56 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-02-16 15:07 - 2018-01-02 11:55 - 003548160 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-02-16 15:07 - 2017-12-15 20:23 - 000276312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-02-16 15:07 - 2017-12-15 07:26 - 000374096 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-02-16 15:07 - 2017-12-15 05:39 - 000315736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-02-16 15:07 - 2017-12-14 18:19 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-02-16 15:07 - 2017-12-14 18:17 - 000044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-02-16 15:07 - 2017-12-13 13:39 - 000093008 _____ (Microsoft Corporation) C:\Windows\system32\KeyboardFilterSvc.dll
2018-02-16 15:07 - 2017-12-10 21:59 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-02-16 15:07 - 2017-12-10 21:58 - 000035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-02-16 15:07 - 2017-12-06 00:56 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2018-02-16 15:07 - 2017-12-06 00:52 - 000242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-02-16 15:07 - 2017-12-06 00:45 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2018-02-16 15:07 - 2017-12-06 00:42 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\SCardDlg.dll
2018-02-16 15:07 - 2017-12-06 00:32 - 000169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-02-16 15:07 - 2017-12-06 00:10 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2018-02-16 15:07 - 2017-12-06 00:02 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-02-16 15:07 - 2017-12-05 23:58 - 000132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-02-16 15:07 - 2017-12-05 23:24 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2018-02-16 15:07 - 2017-12-02 11:04 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-02-16 15:07 - 2017-11-25 05:58 - 002608640 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2018-02-16 15:07 - 2017-11-25 05:56 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2018-02-16 15:07 - 2017-11-25 05:46 - 002170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2018-02-16 15:07 - 2017-11-25 05:44 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2018-02-16 15:07 - 2017-11-08 23:55 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2018-02-16 15:07 - 2017-11-08 05:15 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2018-02-16 15:07 - 2017-11-08 04:49 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-02-16 15:07 - 2017-11-08 04:46 - 000285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2018-02-16 15:07 - 2017-11-08 04:27 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-02-16 15:07 - 2017-10-19 01:14 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-02-16 15:07 - 2017-10-18 03:11 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-02-16 15:07 - 2017-10-14 21:04 - 001548624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-02-16 15:07 - 2017-10-14 15:23 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-02-16 15:07 - 2017-10-14 15:17 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-02-16 15:07 - 2017-10-14 15:05 - 015431680 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-02-16 15:07 - 2017-10-14 14:19 - 000780800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-02-16 15:07 - 2017-10-14 14:14 - 013317632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-02-16 15:07 - 2017-10-11 00:39 - 001192960 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2018-02-16 15:07 - 2017-10-11 00:36 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2018-02-16 15:07 - 2017-10-11 00:29 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2018-02-16 15:07 - 2017-10-10 23:42 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2018-02-16 15:07 - 2017-10-10 23:38 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-02-16 15:07 - 2017-10-10 23:38 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
2018-02-16 15:07 - 2017-10-10 23:11 - 002749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-02-16 15:07 - 2017-10-10 23:08 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
2018-02-16 15:07 - 2017-10-10 22:58 - 000949760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2018-02-16 15:07 - 2017-10-05 15:17 - 000380248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2018-02-16 15:07 - 2017-09-14 09:18 - 001384216 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2018-02-16 15:07 - 2017-09-14 09:14 - 001124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2018-02-16 15:07 - 2017-09-13 21:31 - 000445952 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2018-02-16 15:07 - 2017-09-13 21:27 - 000384000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2018-02-16 15:07 - 2017-09-10 01:38 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-02-16 15:07 - 2017-09-09 23:47 - 014466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2018-02-16 15:07 - 2017-09-09 23:21 - 012879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2018-02-16 15:07 - 2017-09-09 21:13 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2018-02-16 15:07 - 2017-09-09 21:13 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2018-02-16 15:07 - 2017-09-09 11:50 - 001364552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-02-16 15:07 - 2017-09-09 02:15 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-02-16 15:07 - 2017-09-09 01:39 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-02-16 15:07 - 2017-09-09 01:14 - 003084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2018-02-16 15:07 - 2017-09-09 00:57 - 001084928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-02-16 15:07 - 2017-09-09 00:50 - 002471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2018-02-16 15:07 - 2017-09-08 05:32 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-02-16 15:07 - 2017-09-08 05:31 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\mgmtapi.dll
2018-02-16 15:07 - 2017-09-08 04:08 - 000656896 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-02-16 15:07 - 2017-09-08 03:54 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-02-16 15:07 - 2017-09-08 03:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mgmtapi.dll
2018-02-16 15:07 - 2017-09-08 02:24 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-02-16 15:07 - 2017-09-08 01:20 - 000513456 _____ C:\Windows\SysWOW64\locale.nls
2018-02-16 15:07 - 2017-09-08 01:20 - 000513456 _____ C:\Windows\system32\locale.nls
2018-02-16 15:07 - 2017-09-07 21:40 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-02-16 15:07 - 2017-09-07 21:40 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-02-16 15:07 - 2017-09-07 07:07 - 000158552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-02-16 15:07 - 2017-09-07 05:17 - 000461144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-02-16 15:07 - 2017-09-07 05:17 - 000443224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-02-16 15:07 - 2017-09-06 22:14 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2018-02-16 15:07 - 2017-08-20 01:27 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2018-02-16 15:07 - 2017-08-20 00:48 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2018-02-16 15:07 - 2017-08-18 06:07 - 000537200 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2018-02-16 15:07 - 2017-08-18 06:07 - 000140016 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2018-02-16 15:07 - 2017-08-18 06:03 - 000450392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2018-02-16 15:07 - 2017-08-18 06:03 - 000136832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2018-02-16 15:07 - 2017-08-14 03:48 - 000202592 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-02-16 15:07 - 2017-08-14 01:52 - 000174944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-02-16 15:07 - 2017-08-14 01:19 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2018-02-16 15:07 - 2017-08-14 01:10 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-02-16 15:07 - 2017-08-14 00:33 - 000252416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-02-16 15:07 - 2017-08-13 23:52 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2018-02-16 15:07 - 2017-08-12 05:19 - 000482304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2018-02-16 15:07 - 2017-08-12 05:14 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2018-02-16 15:07 - 2017-08-12 04:13 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2018-02-16 15:07 - 2017-08-11 11:27 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-02-16 15:07 - 2017-08-11 11:27 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys
2018-02-16 15:07 - 2017-08-11 10:38 - 000477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-02-16 15:07 - 2017-08-11 10:16 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2018-02-16 15:07 - 2017-08-11 10:08 - 001753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2018-02-16 15:07 - 2017-08-11 09:57 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2018-02-16 15:07 - 2017-08-11 09:52 - 001491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-02-16 15:07 - 2017-08-11 09:49 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2018-02-16 15:07 - 2017-08-11 09:44 - 001095680 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-02-16 15:07 - 2017-08-11 09:43 - 000865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-02-16 15:07 - 2017-08-11 09:41 - 000307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2018-02-16 15:07 - 2017-08-11 09:39 - 002779136 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-02-16 15:07 - 2017-08-11 09:30 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-02-16 15:07 - 2017-08-07 05:20 - 000607232 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2018-02-16 15:07 - 2017-08-07 05:20 - 000542720 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2018-02-16 15:07 - 2017-08-06 15:13 - 000530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2018-02-16 15:07 - 2017-08-02 11:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2018-02-16 15:07 - 2017-08-02 10:19 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2018-02-16 15:07 - 2017-08-01 16:25 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2018-02-16 15:07 - 2017-07-23 02:34 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2018-02-16 15:07 - 2017-07-23 01:32 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2018-02-16 15:07 - 2017-07-21 21:40 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2018-02-16 15:07 - 2017-07-21 21:40 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2018-02-16 15:07 - 2017-07-18 03:53 - 004298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2018-02-16 15:07 - 2017-07-17 07:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2018-02-16 15:07 - 2017-07-15 04:08 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2018-02-16 15:07 - 2017-07-15 02:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2018-02-16 15:07 - 2017-07-13 04:29 - 000420440 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2018-02-16 15:07 - 2017-07-13 04:29 - 000075440 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-02-16 15:07 - 2017-07-13 04:25 - 000308872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
2018-02-16 15:07 - 2017-07-13 04:25 - 000066112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-02-16 15:07 - 2017-07-09 03:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-02-16 15:07 - 2017-07-09 02:43 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-02-16 15:07 - 2017-07-09 02:30 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-02-16 15:07 - 2017-07-09 01:29 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\vid.dll
2018-02-16 15:07 - 2017-07-08 11:46 - 000377688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2018-02-16 15:07 - 2017-07-08 11:16 - 000086360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2018-02-16 15:07 - 2017-07-08 11:14 - 000100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2018-02-16 15:07 - 2017-07-06 16:52 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2018-02-16 15:07 - 2017-07-01 21:47 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-02-16 15:07 - 2017-07-01 21:47 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2018-02-16 15:07 - 2017-07-01 21:47 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2018-02-16 15:07 - 2017-07-01 21:47 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2018-02-16 15:07 - 2017-07-01 21:47 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2018-02-16 15:07 - 2017-07-01 21:47 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2018-02-16 15:07 - 2017-07-01 21:47 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2018-02-16 15:07 - 2017-07-01 21:47 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2018-02-16 15:07 - 2017-07-01 21:47 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2018-02-16 15:07 - 2017-07-01 21:47 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2018-02-16 15:07 - 2017-06-25 00:46 - 000424448 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2018-02-16 15:07 - 2017-06-25 00:16 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll
2018-02-16 15:07 - 2017-06-15 22:17 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-02-16 15:07 - 2017-06-15 22:16 - 001920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-02-16 15:07 - 2017-06-15 22:14 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2018-02-16 15:07 - 2017-06-15 22:14 - 000580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2018-02-16 15:07 - 2017-06-14 01:16 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2018-02-16 15:07 - 2017-06-14 01:11 - 000238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2018-02-16 15:07 - 2017-06-13 22:16 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-02-16 15:07 - 2017-06-13 16:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2018-02-16 15:07 - 2017-06-13 16:07 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2018-02-16 15:07 - 2017-06-13 16:03 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2018-02-16 15:07 - 2017-06-13 15:54 - 000374272 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2018-02-16 15:07 - 2017-06-12 06:21 - 000590848 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2018-02-16 15:07 - 2017-06-12 05:43 - 000371200 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2018-02-16 15:07 - 2017-06-12 05:25 - 000478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2018-02-16 15:07 - 2017-06-12 05:15 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2018-02-16 15:07 - 2017-06-12 05:07 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2018-02-16 15:07 - 2017-06-12 04:58 - 000334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2018-02-16 15:07 - 2017-06-12 04:40 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2018-02-16 15:07 - 2017-06-12 04:13 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
2018-02-16 15:07 - 2017-06-12 04:11 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2018-02-16 15:07 - 2017-06-12 04:02 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2018-02-16 15:07 - 2017-06-09 21:47 - 000448629 _____ C:\Windows\system32\ApnDatabase.xml
2018-02-16 15:07 - 2017-06-07 12:25 - 000428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-02-16 15:07 - 2017-06-07 04:52 - 003120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-02-16 15:07 - 2017-06-07 04:42 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2018-02-16 15:07 - 2017-06-07 04:38 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\cnvfat.dll
2018-02-16 15:07 - 2017-06-07 04:36 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\uudf.dll
2018-02-16 15:07 - 2017-06-07 04:35 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2018-02-16 15:07 - 2017-06-07 03:13 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2018-02-16 15:07 - 2017-06-07 03:11 - 000557568 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2018-02-16 15:07 - 2017-06-07 03:11 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2018-02-16 15:07 - 2017-06-07 03:11 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\ufat.dll
2018-02-16 15:07 - 2017-06-07 03:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\uexfat.dll
2018-02-16 15:07 - 2017-06-07 03:08 - 002712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-02-16 15:07 - 2017-06-07 03:03 - 000837632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2018-02-16 15:07 - 2017-06-07 02:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cnvfat.dll
2018-02-16 15:07 - 2017-06-07 02:57 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uudf.dll
2018-02-16 15:07 - 2017-06-07 02:56 - 000375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2018-02-16 15:07 - 2017-06-07 02:03 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ulib.dll
2018-02-16 15:07 - 2017-06-07 02:02 - 000513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2018-02-16 15:07 - 2017-06-07 02:02 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll
2018-02-16 15:07 - 2017-06-07 02:02 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ufat.dll
2018-02-16 15:07 - 2017-06-07 02:02 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uexfat.dll
2018-02-16 15:07 - 2017-06-04 00:27 - 002346496 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-02-16 15:07 - 2017-06-04 00:03 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-02-16 15:07 - 2017-06-02 20:15 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-02-16 15:07 - 2017-06-02 20:12 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-02-16 15:07 - 2017-06-02 20:12 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-02-16 15:07 - 2017-06-02 20:06 - 001001984 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2018-02-16 15:07 - 2017-06-02 20:01 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-02-16 15:07 - 2017-06-02 19:03 - 000903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-02-16 15:07 - 2017-06-02 18:24 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-02-16 15:07 - 2017-06-02 18:17 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-02-16 15:07 - 2017-06-02 17:43 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-02-16 15:07 - 2017-06-01 05:20 - 000470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-02-16 15:07 - 2017-05-28 00:42 - 001115136 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2018-02-16 15:07 - 2017-05-28 00:38 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2018-02-16 15:07 - 2017-05-16 06:09 - 000057688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2018-02-16 15:07 - 2017-05-16 03:58 - 000121184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2018-02-16 15:07 - 2017-05-13 00:13 - 001559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-02-16 15:07 - 2017-05-12 23:51 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-02-16 15:07 - 2017-05-12 23:50 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-02-16 15:07 - 2017-05-12 23:48 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-02-16 15:07 - 2017-05-12 23:47 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-02-16 15:07 - 2017-05-12 10:58 - 001985536 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-02-16 15:07 - 2017-05-12 10:48 - 001377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-02-16 15:07 - 2017-05-12 10:11 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-02-16 15:07 - 2017-05-12 10:10 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-02-16 15:07 - 2017-05-12 10:07 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-02-16 15:07 - 2017-05-12 10:06 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-02-16 15:07 - 2017-05-12 10:04 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-02-16 15:07 - 2017-05-12 10:00 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-02-16 15:07 - 2017-05-11 02:19 - 000101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2018-02-16 15:07 - 2017-05-09 22:37 - 000658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2018-02-16 15:07 - 2017-05-09 22:35 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2018-02-16 15:07 - 2017-05-09 22:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2018-02-16 15:07 - 2017-05-09 22:29 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe
2018-02-16 15:07 - 2017-05-09 22:28 - 000193024 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2018-02-16 15:07 - 2017-05-09 22:28 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2018-02-16 15:07 - 2017-05-03 02:41 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-02-16 15:07 - 2017-05-03 02:31 - 000207360 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll
2018-02-16 15:07 - 2017-05-03 01:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-02-16 15:07 - 2017-05-01 00:48 - 000080078 _____ C:\Windows\system32\normidna.nls
2018-02-16 15:07 - 2017-04-28 09:13 - 001292288 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2018-02-16 15:07 - 2017-04-28 09:11 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2018-02-16 15:07 - 2017-04-16 18:18 - 000803192 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-02-16 15:07 - 2017-04-16 17:07 - 000548032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2018-02-16 15:07 - 2017-04-16 17:05 - 000612096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-02-16 15:07 - 2017-04-16 16:10 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-02-16 15:07 - 2017-04-16 15:29 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-02-16 15:07 - 2017-04-10 06:00 - 000388448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-02-16 15:07 - 2017-04-10 04:40 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2018-02-16 15:07 - 2017-04-10 03:00 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspiper.dll
2018-02-16 15:07 - 2017-04-07 01:16 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2018-02-16 15:07 - 2017-04-07 00:46 - 000434688 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-02-16 15:07 - 2017-04-07 00:35 - 001362432 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2018-02-16 15:07 - 2017-04-07 00:15 - 000358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-02-16 15:07 - 2017-04-06 23:44 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2018-02-16 15:07 - 2017-04-02 22:49 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2018-02-16 15:07 - 2017-04-01 07:16 - 001968408 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-02-16 15:07 - 2017-04-01 05:59 - 001612504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-02-16 15:07 - 2017-03-14 00:38 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll
2018-02-16 15:07 - 2017-03-14 00:13 - 000159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll
2018-02-16 15:07 - 2017-03-11 11:59 - 001763888 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-02-16 15:07 - 2017-03-11 11:56 - 001489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-02-16 15:07 - 2017-03-10 04:52 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2018-02-16 15:07 - 2017-03-10 03:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2018-02-16 15:07 - 2017-03-05 03:24 - 000132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-02-16 15:07 - 2017-03-05 03:06 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2018-02-16 15:07 - 2017-03-05 02:15 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2018-02-16 15:07 - 2017-03-03 23:11 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2018-02-16 15:07 - 2017-03-03 23:10 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2018-02-16 15:07 - 2017-03-03 23:06 - 001501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2018-02-16 15:07 - 2017-03-03 23:04 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2018-02-16 15:07 - 2017-02-12 00:49 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2018-02-16 15:07 - 2017-02-10 22:37 - 000046600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2018-02-16 15:07 - 2017-02-05 03:32 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2018-02-16 15:07 - 2017-02-05 01:53 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2018-02-16 15:07 - 2017-02-05 01:51 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-02-16 15:07 - 2017-02-05 01:50 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-02-16 15:07 - 2017-02-05 01:32 - 000584704 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-02-16 15:07 - 2017-02-05 01:19 - 000065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2018-02-16 15:07 - 2017-02-05 01:17 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-02-16 15:07 - 2017-02-05 01:05 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-02-16 15:07 - 2017-02-02 03:44 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-02-16 15:07 - 2017-01-22 03:27 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-02-16 15:07 - 2017-01-22 03:22 - 000559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-02-16 15:07 - 2017-01-22 02:40 - 000756736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-02-16 15:07 - 2017-01-19 10:18 - 001113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-02-16 15:07 - 2017-01-15 04:32 - 000955016 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2018-02-16 15:07 - 2017-01-15 03:18 - 000787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2018-02-16 15:07 - 2017-01-15 01:49 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2018-02-16 15:07 - 2017-01-13 00:51 - 000274776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2018-02-16 15:07 - 2017-01-13 00:51 - 000117592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2018-02-16 15:07 - 2017-01-12 23:03 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2018-02-16 15:07 - 2017-01-12 01:28 - 000422744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-02-16 15:07 - 2017-01-11 05:06 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-02-16 15:07 - 2017-01-11 04:46 - 001388544 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2018-02-16 15:07 - 2017-01-11 03:20 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-02-16 15:07 - 2017-01-11 03:09 - 001108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2018-02-16 15:07 - 2017-01-07 01:25 - 002513408 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2018-02-16 15:07 - 2017-01-07 01:04 - 001495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2018-02-16 15:06 - 2018-02-02 02:51 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-02-16 15:06 - 2018-01-02 13:37 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-02-16 15:06 - 2018-01-02 12:29 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-02-16 15:06 - 2018-01-02 12:08 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-02-16 15:06 - 2018-01-02 12:05 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-02-16 15:06 - 2017-06-07 04:36 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\convert.exe
2018-02-16 15:06 - 2017-01-22 03:27 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2018-02-16 15:06 - 2017-01-22 03:27 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-02-16 15:06 - 2017-01-22 02:40 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll
2018-02-16 15:06 - 2017-01-22 02:40 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-02-16 14:36 - 2018-02-16 14:36 - 000000258 __RSH C:\ProgramData\ntuser.pol
2018-02-16 14:32 - 2018-02-16 15:43 - 000000000 ____D C:\ProgramData\HitmanPro
2018-02-16 14:32 - 2018-02-16 14:32 - 000001901 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2018-02-16 14:32 - 2018-02-16 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-02-16 14:32 - 2018-02-16 14:32 - 000000000 ____D C:\Program Files\HitmanPro
2018-02-16 14:31 - 2018-02-16 14:32 - 011605440 _____ (SurfRight B.V.) C:\Users\Uplink1209\Downloads\hitmanpro_x64.exe
2018-02-16 14:30 - 2018-02-17 17:08 - 000000000 ____D C:\AdwCleaner
2018-02-16 14:30 - 2018-02-17 16:58 - 000002892 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Uplink1209)
2018-02-16 14:30 - 2018-02-16 14:30 - 008222496 _____ (Malwarebytes) C:\Users\Uplink1209\Downloads\adwcleaner_7.0.8.0.exe
2018-02-16 13:59 - 2017-12-14 21:21 - 000000000 ____D C:\Users\Uplink1209\Desktop\UnHackMe 9.50 Build 650 Multilingual + Crack
2018-02-16 13:59 - 2017-12-13 17:47 - 000014984 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2018-02-16 13:59 - 2015-12-28 11:32 - 000049968 _____ (Greatis Software) C:\Windows\system32\partizan.exe
2018-02-16 13:52 - 2018-02-16 13:59 - 019058984 _____ C:\Users\Uplink1209\Downloads\UnHackMe 9.50 Build 650 Multilingual + _ [JsPC4u].rar
2018-02-16 13:49 - 2018-02-16 13:49 - 000003713 _____ C:\Users\Uplink1209\Downloads\UnHackMe 9.50 Build 650 _ [JsPC4u].rar
2018-02-16 12:50 - 2013-08-22 21:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.old
2018-02-16 12:45 - 2018-02-16 12:46 - 018210200 _____ C:\Users\Uplink1209\Downloads\unhackmeb (1).zip
2018-02-16 12:38 - 2018-02-16 12:38 - 000000258 __RSH C:\Users\Uplink1209\ntuser.pol
2018-02-15 23:27 - 2018-02-15 23:27 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
2018-02-15 23:22 - 2018-02-15 23:25 - 069329823 _____ C:\Users\Uplink1209\Desktop\mstoolkit265stable.zip
2018-02-15 23:21 - 2018-02-15 23:21 - 000000496 _____ C:\Users\Uplink1209\Downloads\mstoolkit265stable_f0e-b6b.torrent
2018-02-15 19:41 - 2018-02-15 19:41 - 000022986 _____ C:\Users\Uplink1209\Downloads\Fairy_Penguin_II.sub
2018-02-13 22:19 - 2018-02-13 23:02 - 000138798 _____ C:\Users\Uplink1209\Desktop\WhatsApp Image 2018-02-13 at 8.54.08 PM.jpeg
2018-02-13 22:19 - 2018-02-13 21:54 - 000238635 _____ C:\Users\Uplink1209\Desktop\WhatsApp Image 2018-02-13 at 9.20.17 PM.jpeg
2018-02-13 21:54 - 2018-02-13 21:54 - 000238635 _____ C:\Users\Uplink1209\Downloads\WhatsApp Image 2018-02-13 at 9.20.17 PM.jpeg
2018-02-13 21:24 - 2018-02-13 21:24 - 000106302 _____ C:\Users\Uplink1209\Downloads\WhatsApp Image 2018-02-13 at 9.16.04 PM.jpeg
2018-02-13 21:24 - 2018-02-13 21:24 - 000106302 _____ C:\Users\Uplink1209\Desktop\WhatsApp Image 2018-02-13 at 9.16.04 PM.jpeg
2018-02-13 21:00 - 2018-02-13 23:40 - 000138798 _____ C:\Users\Uplink1209\Downloads\WhatsApp Image 2018-02-13 at 8.54.08 PM.jpeg
2018-02-12 19:16 - 2018-02-12 19:16 - 000000932 _____ C:\Users\Public\Desktop\Battle.net.lnk
2018-02-12 19:16 - 2018-02-12 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2018-02-04 12:02 - 2018-01-29 06:07 - 000000000 ____D C:\Users\Uplink1209\Desktop\From.The.Depths.v2.14
2018-02-04 12:00 - 2018-02-04 12:02 - 568532992 _____ C:\Users\Uplink1209\Downloads\From.The.Depths.v2.14.rar
2018-01-30 19:35 - 2018-01-30 19:35 - 000204901 _____ C:\Users\Uplink1209\Downloads\WhatsApp Image 2018-01-29 at 10.53.56 PM.jpeg
2018-01-30 19:35 - 2018-01-30 19:35 - 000204901 _____ C:\Users\Uplink1209\Desktop\WhatsApp Image 2018-01-29 at 10.53.56 PM.jpeg
2018-01-30 19:35 - 2018-01-30 19:35 - 000134598 _____ C:\Users\Uplink1209\Downloads\WhatsApp Image 2018-01-29 at 11.00.33 PM.jpeg
2018-01-30 19:35 - 2018-01-30 19:35 - 000134598 _____ C:\Users\Uplink1209\Desktop\WhatsApp Image 2018-01-29 at 11.00.33 PM.jpeg
2018-01-29 20:09 - 2018-01-29 20:09 - 003974995 _____ C:\Users\Uplink1209\Downloads\JordanShutingFinalEnc.mp4
2018-01-29 20:09 - 2018-01-29 20:09 - 003974995 _____ C:\Users\Uplink1209\Desktop\JordanShutingFinalEnc.mp4
2018-01-29 20:06 - 2018-01-29 20:07 - 009917712 _____ C:\Users\Uplink1209\Desktop\JordanShutingFinalEnc.avi
2018-01-29 20:04 - 2018-01-29 20:05 - 1666480940 _____ C:\Users\Uplink1209\Desktop\JordanShutingFinal.avi
2018-01-29 20:04 - 2018-01-29 20:04 - 137208040 _____ C:\Users\Uplink1209\Desktop\Jordan.avi
2018-01-29 19:13 - 2018-01-29 19:13 - 003634566 _____ C:\Users\Uplink1209\Downloads\Shooting stars meme background.mp4
2018-01-29 19:04 - 2018-01-29 19:04 - 023663000 _____ C:\Users\Uplink1209\Desktop\Jordan+Chroma.avi
2018-01-28 21:58 - 2018-01-29 18:29 - 000060519 _____ C:\Users\Uplink1209\Desktop\WhatsApp Video 2018-01-22 at 4.08.36 PM.mp4
2018-01-28 21:58 - 2018-01-28 21:58 - 000056942 _____ C:\Users\Uplink1209\Downloads\WhatsApp Video 2018-01-22 at 4.08.36 PM.mp4
2018-01-28 20:23 - 2018-01-28 20:23 - 000015180 _____ C:\Users\Uplink1209\Downloads\WhatsApp Image 2018-01-28 at 8.18.44 PM.jpeg
2018-01-28 20:23 - 2018-01-28 20:23 - 000015180 _____ C:\Users\Uplink1209\Desktop\WhatsApp Image 2018-01-28 at 8.18.44 PM.jpeg
2018-01-28 14:59 - 2018-01-28 14:59 - 000000222 _____ C:\Users\Uplink1209\Desktop\Insurgency.url
2018-01-28 14:38 - 2018-01-05 05:50 - 000000000 ____D C:\Users\Uplink1209\Desktop\From.The.Depths.v2.12
2018-01-28 14:36 - 2018-01-28 14:37 - 568467494 _____ C:\Users\Uplink1209\Downloads\From.The.Depths.v2.12.rar
2018-01-25 22:17 - 2018-01-25 22:17 - 000142091 _____ C:\Users\Uplink1209\Downloads\WhatsApp Image 2018-01-25 at 10.15.06 PM.jpeg
2018-01-25 22:17 - 2018-01-25 22:17 - 000142091 _____ C:\Users\Uplink1209\Desktop\WhatsApp Image 2018-01-25 at 10.15.06 PM.jpeg
2018-01-22 19:58 - 2018-01-22 19:58 - 000160240 _____ C:\Users\Uplink1209\Downloads\WhatsApp Image 2018-01-22 at 7.54.34 PM.jpeg
2018-01-22 19:58 - 2018-01-22 19:58 - 000160240 _____ C:\Users\Uplink1209\Desktop\WhatsApp Image 2018-01-22 at 7.54.34 PM.jpeg
2018-01-21 15:41 - 2018-01-21 15:51 - 000000000 ____D C:\Users\Uplink1209\AppData\Roaming\SCP Secret Laboratory
2018-01-21 15:41 - 2018-01-21 15:41 - 000000000 ____D C:\Users\Uplink1209\AppData\LocalLow\Hubert Moszka
2018-01-21 15:39 - 2018-01-21 15:39 - 000000222 _____ C:\Users\Uplink1209\Desktop\SCP Secret Laboratory.url
2018-01-20 13:02 - 2018-01-20 13:02 - 000019818 _____ C:\Users\Uplink1209\Downloads\1461956979_Free_16_32x32_pixelart_tiles.gmez
2018-01-20 11:17 - 2018-01-20 11:17 - 000000000 ____D C:\Users\Uplink1209\AppData\Local\HP_Inc
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-18 10:58 - 2015-11-21 10:19 - 000003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-303350786-1125687927-30880191-1003
2018-02-18 10:57 - 2015-11-21 10:15 - 000003790 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{08793EDC-27C1-4EE1-A52D-E8C1AC6662E8}
2018-02-18 10:54 - 2015-11-21 10:29 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-18 10:53 - 2014-03-18 18:17 - 000913650 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-18 10:53 - 2013-08-22 21:36 - 000000000 ____D C:\Windows\Inf
2018-02-17 23:37 - 2015-11-21 15:55 - 000000000 ____D C:\Users\Uplink1209\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-02-17 23:28 - 2016-04-02 13:37 - 000000000 ____D C:\Users\Uplink1209\Documents\RegRun2
2018-02-17 23:27 - 2016-04-02 13:37 - 000000000 ____D C:\Users\Public\Documents\regruninfo
2018-02-17 23:25 - 2016-07-09 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-02-17 23:24 - 2016-07-09 17:28 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-02-17 23:24 - 2016-07-09 17:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2018-02-17 23:16 - 2017-03-06 17:56 - 000000000 ____D C:\ProgramData\RegRun
2018-02-17 21:06 - 2016-01-20 09:01 - 000000000 ____D C:\Program Files (x86)\Overwolf
2018-02-17 17:56 - 2015-12-30 09:07 - 000000000 ____D C:\Users\Uplink1209\AppData\Roaming\uTorrent
2018-02-17 17:08 - 2017-03-06 17:52 - 000000000 ____D C:\Program Files (x86)\UnHackMe
2018-02-17 17:05 - 2017-03-06 17:52 - 000000002 RSHOT C:\Windows\winstart.bat
2018-02-17 17:05 - 2017-03-06 17:52 - 000000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2018-02-17 17:05 - 2017-03-06 17:52 - 000000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2018-02-17 17:02 - 2016-01-21 09:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-17 16:58 - 2017-11-14 21:05 - 000003414 _____ C:\Windows\System32\Tasks\gxx speed launcher
2018-02-17 16:58 - 2017-10-03 10:48 - 000002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-02-17 15:53 - 2016-06-26 10:30 - 000000000 ____D C:\Users\Uplink1209\AppData\Local\osu!
2018-02-17 13:59 - 2015-11-26 08:05 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-02-16 18:33 - 2016-10-28 10:38 - 000000000 ____D C:\Users\PC admin\AppData\Roaming\Skype
2018-02-16 18:32 - 2016-09-30 22:52 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-02-16 18:32 - 2013-08-22 22:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-16 18:30 - 2015-11-04 15:17 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-16 18:20 - 2015-11-04 12:00 - 000000000 ____D C:\Windows\system32\MRT
2018-02-16 18:20 - 2013-08-22 23:20 - 000000000 ____D C:\Windows\CbsTemp
2018-02-16 18:16 - 2015-11-04 12:00 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-16 18:05 - 2013-08-22 22:44 - 004966816 _____ C:\Windows\system32\FNTCACHE.DAT
2018-02-16 17:58 - 2013-08-22 23:36 - 000000000 ___RD C:\Windows\ToastData
2018-02-16 17:58 - 2013-08-22 23:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-02-16 17:58 - 2013-08-22 23:36 - 000000000 ____D C:\Program Files\Windows Defender
2018-02-16 17:58 - 2013-08-22 23:36 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-02-16 17:53 - 2015-11-03 17:30 - 000000000 ____D C:\ProgramData\KMSAutoS
2018-02-16 17:52 - 2015-11-04 10:12 - 000003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-303350786-1125687927-30880191-1001
2018-02-16 17:51 - 2015-11-21 10:13 - 000000000 ____D C:\Users\Uplink1209
2018-02-16 17:17 - 2013-08-22 23:36 - 000000000 ____D C:\Windows\AppReadiness
2018-02-16 17:16 - 2013-08-22 23:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-16 17:13 - 2016-06-07 00:59 - 000000000 ____D C:\Users\PC admin\AppData\Local\Google
2018-02-16 17:06 - 2016-12-16 14:31 - 000000000 ____D C:\Users\PC admin\AppData\Local\Steam
2018-02-16 17:05 - 2017-03-09 21:43 - 000000000 ____D C:\ProgramData\LogiShrd
2018-02-16 17:05 - 2016-12-16 14:37 - 000000000 ____D C:\Users\PC admin\AppData\Local\VirtualStore
2018-02-16 17:05 - 2015-11-03 17:30 - 000000000 ____D C:\Users\PC admin
2018-02-16 15:17 - 2015-11-21 10:14 - 000000000 ____D C:\Users\Uplink1209\AppData\Local\Packages
2018-02-16 15:01 - 2013-08-22 21:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-02-16 14:52 - 2017-10-03 10:55 - 000000000 ____D C:\ProgramData\IObit
2018-02-16 14:51 - 2017-10-03 10:55 - 000000000 ____D C:\Users\Uplink1209\AppData\Roaming\IObit
2018-02-16 14:51 - 2017-10-03 10:55 - 000000000 ____D C:\Users\Uplink1209\AppData\LocalLow\IObit
2018-02-16 14:51 - 2017-10-03 10:55 - 000000000 ____D C:\Program Files (x86)\IObit
2018-02-16 14:33 - 2015-11-21 16:48 - 000000000 ____D C:\Users\Uplink1209\AppData\Local\LogMeIn Hamachi
2018-02-16 12:34 - 2017-11-05 12:28 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-02-15 23:31 - 2013-08-22 23:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-02-15 23:19 - 2017-12-17 11:17 - 000003188 _____ C:\Windows\System32\Tasks\HPCeeScheduleForUplink1209
2018-02-15 23:19 - 2017-12-17 11:17 - 000000364 _____ C:\Windows\Tasks\HPCeeScheduleForUplink1209.job
2018-02-14 18:56 - 2015-11-21 10:16 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-12 19:21 - 2017-04-27 17:38 - 000000000 ____D C:\Program Files (x86)\StarCraft II
2018-02-12 19:17 - 2017-09-13 17:48 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2018-02-12 19:17 - 2017-04-27 17:36 - 000000000 ____D C:\Users\Uplink1209\AppData\Local\Battle.net
2018-02-12 19:17 - 2016-11-19 11:26 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-02-10 22:57 - 2015-11-21 10:42 - 000000000 ____D C:\Users\Uplink1209\Documents\From The Depths
2018-01-31 22:15 - 2015-12-01 09:14 - 000003364 _____ C:\Users\Uplink1209\AppData\Roaming\VoiceMeeterDefault.xml
2018-01-30 19:51 - 2017-06-08 22:31 - 000000000 ____D C:\Users\Uplink1209\Documents\Adobe
2018-01-30 19:51 - 2017-04-24 19:18 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-01-30 19:51 - 2017-04-24 19:13 - 000000000 ____D C:\Users\Uplink1209\AppData\Local\Adobe
2018-01-30 19:51 - 2015-11-21 10:14 - 000000000 ____D C:\Users\Uplink1209\AppData\Roaming\Adobe
2018-01-29 20:11 - 2017-12-19 07:46 - 000000000 ____D C:\Users\Uplink1209\Desktop\CC MOD TRL
2018-01-28 19:18 - 2013-08-22 23:36 - 000000000 ____D C:\Windows\system32\NDF
2018-01-21 16:22 - 2015-11-26 05:43 - 000000000 ____D C:\Users\Uplink1209\AppData\Local\ElevatedDiagnostics
2018-01-19 20:44 - 2017-03-29 21:54 - 000000000 ____D C:\Program Files (x86)\Playpark
 
==================== Files in the root of some directories =======
 
2017-08-08 18:30 - 2017-06-09 18:30 - 000000032 ____R () C:\ProgramData\hash.dat
2016-11-25 22:45 - 2016-11-25 22:45 - 000001167 _____ () C:\Users\Uplink1209\AppData\Roaming\trace_FilterInstaller.1.txt
2016-11-25 22:45 - 2016-11-25 23:08 - 000000905 _____ () C:\Users\Uplink1209\AppData\Roaming\trace_FilterInstaller.txt
2016-11-25 22:45 - 2016-11-25 23:08 - 000000000 _____ () C:\Users\Uplink1209\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-12-01 09:14 - 2018-01-31 22:15 - 000003364 _____ () C:\Users\Uplink1209\AppData\Roaming\VoiceMeeterDefault.xml
2017-02-13 16:14 - 2017-03-09 18:48 - 000000323 _____ () C:\Users\Uplink1209\AppData\Roaming\WB.CFG
2017-03-22 16:45 - 2017-03-22 16:45 - 000007605 _____ () C:\Users\Uplink1209\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
2018-02-16 17:18 - 2016-08-13 15:40 - 001737080 _____ (Microsoft Corporation) C:\Users\PC admin\AppData\Local\Temp\dllnt_dump.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-02-13 23:58
 
==================== End of FRST.txt ============================

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,964 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:21 PM

Posted 18 February 2018 - 09:14 AM

Hi,

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\Run: [AdobeBridge] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR Extension: (Tampermonkey) - C:\Users\Uplink1209\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-01-28]
S3 BstkDrv; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

HKU\S-1-5-21-303350786-1125687927-30880191-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02182018105551753\...\ChromeHTML: ->  <==== ATTENTION
HKU\S-1-5-21-303350786-1125687927-30880191-1003\...\ChromeHTML: ->  <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {34758503-730A-4C44-870D-03CBA971B223} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Task: {4462A8AF-59E5-4B43-85BA-704493C22894} - \AutoKMS -> No File <==== ATTENTION
Task: {536CD26B-7718-4EF3-A059-FA09A04CDB55} - \ASC10_SkipUac_Uplink1209 -> No File <==== ATTENTION
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {DCADFAAD-D7D0-42C1-B800-2DE872743694} - no filepath
C:\Windows\System32\Tasks\KMSAutoNet
C:\ProgramData\KMSAutoS

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png or the 3 vertical dots located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
===

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended. (You need to check with Internet Explorer) <- Important.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

If still present after the update you can remove the old versions of Java via the Control Panel > Programs > Programs and Features.
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
===

Please let me know what problem persists with this computer.

#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,964 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:21 PM

Posted 24 February 2018 - 08:19 AM

Are you still with me?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users