Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

Crypt virus/Trojen hijacked phone and puter!

This is a discussion on Crypt virus/Trojen hijacked phone and puter! within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. I have been having allot of issues lately. Just got over crypta hijack virus. Now I am seeing strange activity


Closed Thread
 
Thread Tools Search this Thread
Old 06-02-2016, 10:56 AM   #1
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10


Angry

I have been having allot of issues lately. Just got over crypta hijack virus. Now I am seeing strange activity on my phone and puter again. Duel hosts in router desktop and PC_937 also my directorys being move to sub/sub/sub dir's. I had rogers Tek-Xperts try to help and reset computer formatted drives but still I'm having issues with networking and my phone was taken over also. making text sms from me to me through another country. it was making fake web pages on top of real ones with options that they wanted me to see and click!
I appreciate all the help i can get!


DDS Log Below

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by Darryll at 12:26:27 on 2016-06-02
Microsoft Windows 10 Pro 10.0.10586.0.1252.1.1033.18.12193.10375 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\System32\snmp.exe
C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\sihost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\System32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\igfxEM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files\Windows Defender\msascui.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\WINDOWS\system32\SearchFilterHost.exe
\\?\C:\WINDOWS\system32\wbem\WMIADAP.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
mPolicies-System: DSCAutomationHostEnabled = dword:2
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{2333f138-864d-49be-8024-ea698ab016af} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{f9d7127e-61b5-4f4d-a765-aebd44c2e6fc} : DHCPNameServer = 192.168.0.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Darryll\AppData\Roaming\Mozilla\Firefox\Profiles\w1mo8qx5.default\
FF - prefs.js: browser.startup.homepage - hxxps://ca.rogers.yahoo.com/
.
============= SERVICES / DRIVERS ===============
.
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-5-26 87552]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-3-16 28552]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-8-18 359848]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2016-5-26 743688]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 AmUStor;AM USB Stroage Driver;C:\WINDOWS\System32\drivers\AmUStor.sys [2013-4-24 109336]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-5-26 245760]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\WINDOWS\System32\drivers\netr28x.sys [2015-10-30 2504192]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
R3 rtbth;RTBTH Bluetooth Device Driver;C:\WINDOWS\System32\drivers\rtbth.sys [2015-6-3 1219200]
R3 RTL8167;Realtek 8167 NT Driver;C:\WINDOWS\System32\drivers\Rt64win7.sys [2016-3-31 1027840]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-2-13 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-5-26 129152]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-10-30 31232]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\WINDOWS\System32\drivers\nvstusb.sys [2014-8-20 452056]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2016-5-26 221824]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-5-26 63488]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-5-26 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-5-26 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-5-26 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-5-26 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-5-26 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-06-02 15:54:53 -------- d-----w- C:\WINDOWS\System32\appmgmt
2016-06-02 15:37:18 -------- d-----w- C:\cygwin64
2016-06-02 15:05:53 11895896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34903EDB-6B61-4A34-96B9-4D9EA73C5BC8}\mpengine.dll
2016-06-02 15:00:32 11895896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-06-01 21:39:30 -------- d-----w- C:\KVRT_Data
2016-06-01 20:59:29 -------- d-----w- C:\Users\Darryll\AppData\Roaming\QuickScan
2016-06-01 14:12:18 -------- d-----w- C:\ProgramData\Cisco Systems
2016-05-29 13:36:57 -------- d-sh--w- C:\Users\Darryll\IntelGraphicsProfiles
2016-05-28 23:44:07 91128 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2016-05-28 23:41:08 200 ----a-w- C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-05-28 23:41:08 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-28 17:50:58 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2016-05-28 14:19:33 -------- d-----w- C:\Users\Darryll\AppData\Local\ElevatedDiagnostics
2016-05-28 12:28:57 -------- d-----w- C:\recuva
2016-05-28 12:27:37 -------- d-----w- C:\Users\Darryll\AppData\Roaming\WinZip
2016-05-27 17:03:56 -------- d-----w- C:\Tor
2016-05-27 00:56:37 -------- d-----w- C:\Users\Darryll\AppData\Roaming\WinBatch
2016-05-27 00:49:12 -------- d-----w- C:\Users\Darryll\AppData\Local\CEF
2016-05-27 00:48:04 -------- d-----w- C:\Program Files\Common Files\Intel
2016-05-27 00:47:41 -------- d-----w- C:\ProgramData\Package Cache
2016-05-27 00:47:39 -------- d-----w- C:\Program Files\Common Files\McAfee
2016-05-27 00:47:39 -------- d-----w- C:\Program Files (x86)\McAfee
2016-05-27 00:39:32 -------- d-----w- C:\Users\Darryll\AppData\Local\Macromedia
2016-05-27 00:39:04 -------- d-----w- C:\Users\Darryll\AppData\Local\Adobe
2016-05-26 22:39:37 -------- d-----w- C:\Users\Darryll\AppData\Local\Hewlett-Packard
2016-05-26 22:08:27 -------- d-----w- C:\System.sav
2016-05-26 22:07:30 -------- d-----w- C:\Users\Darryll\AppData\Roaming\hpqLog
2016-05-26 21:41:17 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2016-05-26 21:39:25 -------- d-----w- C:\Users\Darryll\AppData\Local\PeerDistRepub
2016-05-26 20:59:00 -------- d-----w- C:\ProgramData\UniqueId
2016-05-26 15:37:54 221824 ----a-w- C:\WINDOWS\System32\drivers\ssudmdm.sys
2016-05-26 15:37:54 129152 ----a-w- C:\WINDOWS\System32\drivers\ssudbus.sys
2016-05-26 15:37:30 -------- d-----w- C:\Program Files\SAMSUNG
2016-05-26 15:27:46 -------- d-----w- C:\ProgramData\Samsung
2016-05-26 15:26:36 -------- d-----w- C:\FRST
2016-05-26 14:23:04 -------- d-----w- C:\ProgramData\Avg_Update_0516piz
2016-05-26 14:22:10 -------- d-----w- C:\Users\Darryll\AppData\Roaming\AVG
2016-05-26 14:21:35 -------- d-----w- C:\Users\Darryll\AppData\Roaming\TuneUp Software
2016-05-26 14:21:04 -------- d-----w- C:\Users\Darryll\AppData\Local\MFAData
2016-05-26 14:21:04 -------- d-----w- C:\ProgramData\MFAData
2016-05-26 14:17:44 -------- d---a-w- C:\ProgramData\Avg
2016-05-26 14:17:39 -------- d--h--w- C:\ProgramData\Common Files
2016-05-26 14:17:25 -------- d-----w- C:\Users\Darryll\AppData\Local\AvgSetupLog
2016-05-26 14:17:25 -------- d-----w- C:\Users\Darryll\AppData\Local\Avg
2016-05-26 14:02:12 -------- d-----w- C:\Users\Darryll\AppData\Local\Comms
2016-05-26 14:00:18 453288 ------w- C:\WINDOWS\System32\MpSigStub.exe
2016-05-26 13:57:58 -------- d-----w- C:\WINDOWS\System32\MRT
2016-05-26 13:55:59 7977472 ----a-w- C:\WINDOWS\System32\mos.dll
.
==================== Find3M ====================
.
2016-06-02 16:16:59 17920 ----a-w- C:\WINDOWS\System32\wow64mib.dll
2016-05-26 01:09:37 209408 ----a-w- C:\WINDOWS\SysWow64\msclmd.dll
2016-05-26 01:09:36 230912 ----a-w- C:\WINDOWS\System32\msclmd.dll
2016-05-11 19:57:14 829944 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-05-11 19:57:14 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-05-06 04:53:48 95072 ----a-w- C:\WINDOWS\System32\drivers\sdport.sys
2016-05-06 04:05:35 241664 ----a-w- C:\WINDOWS\SysWow64\cryptngc.dll
2016-05-06 04:03:20 649216 ----a-w- C:\WINDOWS\System32\ngcsvc.dll
2016-05-06 03:53:21 351232 ----a-w- C:\WINDOWS\System32\NgcCtnr.dll
2016-05-06 03:49:14 289792 ----a-w- C:\WINDOWS\System32\NgcCtnrSvc.dll
2016-05-06 03:44:10 582656 ----a-w- C:\WINDOWS\System32\ngccredprov.dll
2016-05-06 03:43:46 320000 ----a-w- C:\WINDOWS\System32\cryptngc.dll
2016-05-06 03:23:53 76288 ----a-w- C:\WINDOWS\System32\ngcpopkeysrv.dll
2016-04-30 06:42:19 1387520 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2016-04-30 06:31:37 3591168 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2016-04-25 04:36:12 716928 ----a-w- C:\WINDOWS\System32\WinUSBCoInstaller.dll
2016-04-25 04:36:08 1499408 ----a-w- C:\WINDOWS\System32\WdfCoInstaller01007.dll
2016-04-23 06:12:45 294592 ----a-w- C:\WINDOWS\System32\invagent.dll
2016-04-23 06:12:45 190144 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2016-04-23 06:12:45 1401024 ----a-w- C:\WINDOWS\System32\appraiser.dll
2016-04-23 06:12:45 1184960 ----a-w- C:\WINDOWS\System32\aeinv.dll
2016-04-23 06:12:44 92352 ----a-w- C:\WINDOWS\System32\acmigration.dll
2016-04-23 06:12:44 713920 ----a-w- C:\WINDOWS\System32\generaltel.dll
2016-04-23 06:12:44 514752 ----a-w- C:\WINDOWS\System32\devinv.dll
2016-04-23 06:12:44 46784 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2016-04-23 05:28:43 1542816 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2016-04-23 05:28:40 1557768 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2016-04-23 05:26:12 707608 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2016-04-23 05:24:45 7474528 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-04-23 05:24:41 1997328 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2016-04-23 05:24:37 99680 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2016-04-23 05:24:37 638816 ----a-w- C:\WINDOWS\System32\drivers\fvevol.sys
2016-04-23 05:24:28 1819208 ----a-w- C:\WINDOWS\System32\ntdll.dll
2016-04-23 05:24:16 335712 ----a-w- C:\WINDOWS\System32\drivers\fastfat.sys
2016-04-23 05:24:13 754664 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2016-04-23 05:22:15 1161120 ----a-w- C:\WINDOWS\System32\rpcrt4.dll
2016-04-23 05:13:12 306832 ----a-w- C:\WINDOWS\SysWow64\wlanapi.dll
2016-04-23 05:13:01 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
2016-04-23 05:13:01 502104 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-04-23 05:12:48 413536 ----a-w- C:\WINDOWS\System32\wifitask.exe
2016-04-23 05:12:42 451928 ----a-w- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
2016-04-23 05:12:33 925064 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2016-04-23 05:11:52 390496 ----a-w- C:\WINDOWS\System32\wlanapi.dll
2016-04-23 05:11:44 696672 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-04-23 05:11:43 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-04-23 05:11:30 1092464 ----a-w- C:\WINDOWS\System32\mfplat.dll
2016-04-23 05:11:27 498960 ----a-w- C:\WINDOWS\System32\MFCaptureEngine.dll
2016-04-23 05:11:14 131424 ----a-w- C:\WINDOWS\System32\drivers\ufxsynopsys.sys
2016-04-23 05:10:41 330072 ----a-w- C:\WINDOWS\System32\drivers\pci.sys
2016-04-23 05:09:39 255168 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-04-23 05:09:36 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2016-04-23 05:09:27 5240960 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2016-04-23 05:09:18 569744 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2016-04-23 05:09:18 4074160 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2016-04-23 05:09:00 565600 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2016-04-23 05:09:00 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-04-23 05:08:45 6605504 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2016-04-23 05:08:41 725776 ----a-w- C:\WINDOWS\System32\SHCore.dll
2016-04-23 05:08:40 4515256 ----a-w- C:\WINDOWS\explorer.exe
2016-04-23 05:07:38 183904 ----a-w- C:\WINDOWS\SysWow64\rsaenh.dll
2016-04-23 05:07:34 1536088 ----a-w- C:\WINDOWS\SysWow64\crypt32.dll
2016-04-23 05:07:26 204048 ----a-w- C:\WINDOWS\System32\rsaenh.dll
2016-04-23 05:07:19 1848072 ----a-w- C:\WINDOWS\System32\crypt32.dll
2016-04-23 0557 291360 ----a-w- C:\WINDOWS\System32\wininit.exe
2016-04-23 05:02:02 188256 ----a-w- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
2016-04-23 05:01:54 217440 ----a-w- C:\WINDOWS\System32\AppxAllUserStore.dll
2016-04-23 05:01:25 619296 ----a-w- C:\WINDOWS\System32\d3d10level9.dll
2016-04-23 05:01:25 1996640 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-04-23 05:01:17 650304 ----a-w- C:\WINDOWS\System32\dxgi.dll
2016-04-23 05:01:15 393568 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-04-23 05:01:13 513368 ----a-w- C:\WINDOWS\SysWow64\d3d10level9.dll
2016-04-23 05:01:11 577368 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-04-23 05:01:10 522176 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2016-04-23 05:00:52 1776768 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2016-04-23 05:00:45 550656 ----a-w- C:\WINDOWS\System32\directmanipulation.dll
2016-04-23 05:00:45 1399224 ----a-w- C:\WINDOWS\System32\user32.dll
2016-04-23 05:00:43 1594920 ----a-w- C:\WINDOWS\System32\gdi32.dll
2016-04-23 05:00:43 1522152 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2016-04-23 05:00:40 453472 ----a-w- C:\WINDOWS\SysWow64\directmanipulation.dll
2016-04-23 05:00:35 1337240 ----a-w- C:\WINDOWS\SysWow64\user32.dll
2016-04-23 05:00:29 58208 ----a-w- C:\WINDOWS\System32\dwminit.dll
2016-04-23 05:00:29 1372304 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2016-04-23 04:56:52 534872 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2016-04-23 04:39:37 89088 ----a-w- C:\WINDOWS\System32\MapsCSP.dll
2016-04-23 04:35:38 66560 ----a-w- C:\WINDOWS\System32\MosHostClient.dll
2016-04-23 04:34:30 59392 ----a-w- C:\WINDOWS\System32\hmkd.dll
2016-04-23 04:34:19 67072 ----a-w- C:\WINDOWS\System32\drivers\usbser.sys
2016-04-23 04:33:59 63488 ----a-w- C:\WINDOWS\System32\drivers\UcmCx.sys
2016-04-23 04:33:58 65536 ----a-w- C:\WINDOWS\System32\drivers\UMDF\UcmCx.dll
2016-04-23 04:33:47 38400 ----a-w- C:\WINDOWS\System32\ByteCodeGenerator.exe
2016-04-23 04:33:36 89600 ----a-w- C:\WINDOWS\System32\NFCProvisioningPlugin.dll
2016-04-23 04:33:16 63488 ----a-w- C:\WINDOWS\System32\wshbth.dll
2016-04-23 04:32:22 134656 ----a-w- C:\WINDOWS\System32\wificonnapi.dll
2016-04-23 04:32:11 28672 ----a-w- C:\WINDOWS\System32\mapsupdatetask.dll
2016-04-23 04:32:01 69632 ----a-w- C:\WINDOWS\System32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-23 04:31:17 50176 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2016-04-23 04:31:08 74752 ----a-w- C:\WINDOWS\System32\MosStorage.dll
2016-04-23 04:31:00 13018112 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2016-04-23 04:30:51 50176 ----a-w- C:\WINDOWS\SysWow64\MosHostClient.dll
2016-04-23 04:30:35 120320 ----a-w- C:\WINDOWS\System32\MapsBtSvc.dll
.
============= FINISH: 12:26:33.61 ===============
Attached Files
File Type: txt attach.txt (16.9 KB, 34 views)
dmath1n is offline  
Sponsored Links
Advertisement
 
Old 06-02-2016, 11:41 AM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please do not wrap logs in quote or codeboxes. It makes the logs harder to read. Thanks.

------------------------------------------------------

We need to make sure no remnants of AVG remain on your system.

Please download AVG Remover and Save it to your Desktop.
  • Close all programs and double-click avg_remover_stf_x64_2015_5501.exe then click Run
  • In Vista/Win7, right-click and choose 'Run as administrator'.
  • Follow the on-screen instructions.
  • Reboot your computer if not prompted already.
  • Then delete avg_remover_stf_x64_2015_5501.exe and the avgremover.log from your desktop.
------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan
  • Once the Scan is done, select Clean
  • Once done it will ask to reboot, please allow the reboot.
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 06-02-2016, 01:45 PM   #3
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10



As Requested: Contents of ADWCleaner!

# AdwCleaner v5.119 - Logfile created 02/06/2016 at 16:36:35
# Updated 30/05/2016 by Xplode
# Database : 2016-05-30.3 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : Darryll - DARRYLL-PC
# Running from : C:\Users\Darryll\Desktop\adwcleaner_5.119.exe
# Option : Clean
# Support : ToolsLib - Forum: Ask for help or share your experience.

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKU\S-1-5-21-3114928826-3543099305-1459852935-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]

***** [ Web browsers ] *****


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1521 bytes] - [02/06/2016 16:36:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [1779 bytes] - [02/06/2016 16:32:36]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1667 bytes] ##########
is this right.jpg I have 2 hdd and no recovery partition! Humm!
Great job on that one! I Hope lol :-)
Attached Thumbnails
Click image for larger version

Name:	iis this right.jpg
Views:	174
Size:	105.3 KB
ID:	283562  
dmath1n is offline  
Sponsored Links
Advertisement
 
Old 06-02-2016, 07:24 PM   #4
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Did you see the instructions for the second tool, FRST?
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 06-03-2016, 04:24 AM   #5
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10



Ops sorry I hope I did not screw it up. What can I do now?
was the second tool not adwcleaner?
dmath1n is offline  
Old 06-03-2016, 05:36 AM   #6
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10



Sorry FRST log part !:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:01-06-2016
Ran by Darryll (administrator) on DARRYLL-PC (03-06-2016 08:26:54)
Running from C:\Users\Darryll\Desktop
Loaded Profiles: Darryll (Available Profiles: Darryll)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.6965.57881.0_x64__8wekyb3d8bbwe\onenoteim.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2333f138-864d-49be-8024-ea698ab016af}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f9d7127e-61b5-4f4d-a765-aebd44c2e6fc}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3114928826-3543099305-1459852935-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3114928826-3543099305-1459852935-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File

FireFox:
========
FF ProfilePath: C:\Users\Darryll\AppData\Roaming\Mozilla\Firefox\Profiles\w1mo8qx5.default
FF Homepage: hxxps://ca.rogers.yahoo.com/
FF Extension: Text Link - C:\Users\Darryll\AppData\Roaming\Mozilla\Firefox\Profiles\w1mo8qx5.default\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2016-05-26]
FF Extension: IMDB Search - C:\Users\Darryll\AppData\Roaming\Mozilla\Firefox\Profiles\w1mo8qx5.default\extensions\{c4080853-c699-4120-b8e0-618bff8a4474}.xpi [2016-05-30]
FF Extension: AdBlocker Ultimate - C:\Users\Darryll\AppData\Roaming\Mozilla\Firefox\Profiles\w1mo8qx5.default\Extensions\[email protected] [2016-05-26]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-08-18] (Intel Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [51712 2016-06-02] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46080 2016-06-02] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [194624 2016-02-10] (Intel Corporation)
R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2504192 2015-10-30] (MediaTek Inc.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-03 08:26 - 2016-06-03 08:27 - 00005833 _____ C:\Users\Darryll\Desktop\FRST.txt
2016-06-03 08:25 - 2016-06-03 08:26 - 02383872 _____ (Farbar) C:\Users\Darryll\Desktop\FRST64.exe
2016-06-02 17:24 - 2016-06-02 17:24 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-06-02 17:18 - 2016-06-02 17:33 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-06-02 17:18 - 2015-05-27 17:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-06-02 17:17 - 2016-06-02 17:17 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\Darryll\Desktop\0006-64bit_Win7_Win8_Win81_Win10_R279.exe
2016-06-02 16:32 - 2016-06-02 16:41 - 00000000 ____D C:\AdwCleaner
2016-06-02 16:32 - 2016-06-02 16:32 - 03677248 _____ C:\Users\Darryll\Desktop\adwcleaner_5.119.exe
2016-06-02 12:25 - 2016-06-02 12:26 - 00027336 _____ C:\Users\Darryll\Desktop\dds.txt
2016-06-02 12:25 - 2016-06-02 12:26 - 00017343 _____ C:\Users\Darryll\Desktop\attach.txt
2016-06-02 12:24 - 2016-06-02 12:24 - 00688992 ____R (Swearware) C:\Users\Darryll\Desktop\dds.scr
2016-06-02 12:20 - 2016-06-02 12:20 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-06-02 12:20 - 2016-06-02 12:20 - 00000000 ____D C:\Program Files\MSBuild
2016-06-02 12:20 - 2016-06-02 12:20 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-06-02 12:20 - 2016-06-02 12:20 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-06-02 11:54 - 2016-06-02 11:54 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-06-02 11:50 - 2016-06-02 11:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-02 11:45 - 2016-06-02 11:45 - 00000565 _____ C:\Users\Public\Desktop\Cygwin64 Terminal.lnk
2016-06-02 11:41 - 2016-06-02 11:44 - 00000000 ____D C:\Users\Darryll\Desktop\http%3a%2f%2fcygwin.mirror.constant.com%2f
2016-06-02 11:41 - 2016-06-02 11:43 - 00860672 _____ C:\Users\Darryll\Desktop\setup-x86_64.exe
2016-06-02 11:40 - 2016-06-02 11:40 - 00000503 _____ C:\Users\Darryll\Downloads\setup.log.full
2016-06-02 11:39 - 2016-06-02 11:39 - 00000000 ____D C:\Users\Darryll\Downloads\http%3a%2f%2fcygwin.mirror.constant.com%2f
2016-06-02 11:37 - 2016-06-02 11:45 - 00000000 ____D C:\cygwin64
2016-06-02 11:37 - 2016-06-02 11:37 - 00000000 ____D C:\Users\Darryll\Desktop\ftp%3a%2f%2fftp.gtlib.gatech.edu%2fpub%2fcygwin%2f
2016-06-02 11:36 - 2016-06-02 11:40 - 00860672 _____ C:\Users\Darryll\Downloads\setup-x86_64.exe
2016-06-02 10:25 - 2016-06-02 10:54 - 00000275 _____ C:\Users\Darryll\Desktop\New Text Document.txt
2016-06-01 19:04 - 2015-10-30 03:17 - 00343040 _____ (Microsoft Corporation) C:\Users\Darryll\Downloads\TtlsCfg.dll
2016-06-01 17:39 - 2016-06-01 18:40 - 00000000 ____D C:\KVRT_Data
2016-06-01 17:14 - 2016-06-01 17:39 - 95035728 _____ (Kaspersky Lab ZAO) C:\Users\Darryll\Desktop\KVRT.exe
2016-06-01 16:59 - 2016-06-01 16:59 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\QuickScan
2016-06-01 10:12 - 2016-06-01 10:12 - 00000000 ____D C:\ProgramData\Cisco Systems
2016-05-30 09:43 - 2016-05-30 09:44 - 00000000 ____D C:\Users\Darryll\Desktop\Galaxy S5 SM-900W8-Klte
2016-05-30 09:42 - 2016-05-30 09:43 - 00000000 ____D C:\Users\Darryll\Desktop\Torrents
2016-05-29 09:36 - 2016-06-02 17:57 - 00000000 __SHD C:\Users\Darryll\IntelGraphicsProfiles
2016-05-28 19:44 - 2015-08-18 02:27 - 00091128 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-05-28 19:41 - 2016-06-02 17:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-28 19:41 - 2016-05-28 19:41 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-05-28 10:19 - 2016-05-28 10:19 - 00000000 ____D C:\Users\Darryll\AppData\Local\ElevatedDiagnostics
2016-05-28 08:40 - 2016-05-28 08:40 - 00000017 _____ C:\Users\Darryll\AppData\Local\resmon.resmoncfg
2016-05-28 08:28 - 2016-05-28 08:28 - 00000000 ____D C:\recuva
2016-05-28 08:27 - 2016-05-28 08:27 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\WinZip
2016-05-28 08:12 - 2016-05-26 20:39 - 00000030 _____ C:\AVScanner.ini
2016-05-27 13:04 - 2016-05-27 13:04 - 00000907 _____ C:\Users\Darryll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-05-27 13:04 - 2016-05-27 13:04 - 00000877 _____ C:\Users\Darryll\Desktop\Start Tor Browser.lnk
2016-05-27 13:03 - 2016-05-27 13:04 - 00000000 ____D C:\Tor
2016-05-26 20:56 - 2016-05-26 20:56 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\WinBatch
2016-05-26 20:53 - 2016-05-26 20:53 - 00000000 ____D C:\Users\Darryll\Downloads\HP Downloads
2016-05-26 20:49 - 2016-05-26 20:49 - 00000000 ____D C:\Users\Darryll\AppData\Local\CEF
2016-05-26 20:48 - 2016-05-26 20:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-05-26 20:47 - 2016-05-28 13:51 - 00000000 ____D C:\Program Files\Intel
2016-05-26 20:47 - 2016-05-27 09:22 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-05-26 20:47 - 2016-05-27 09:22 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-05-26 20:47 - 2016-05-26 20:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-26 20:39 - 2016-05-27 09:16 - 00000000 ____D C:\ProgramData\McAfee
2016-05-26 20:39 - 2016-05-26 20:39 - 00000000 ____D C:\Users\Darryll\AppData\Local\Macromedia
2016-05-26 20:39 - 2016-05-26 20:39 - 00000000 ____D C:\Users\Darryll\AppData\Local\Adobe
2016-05-26 18:40 - 2016-06-02 12:21 - 00000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDarryll.job
2016-05-26 18:40 - 2016-06-02 11:09 - 00002864 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDarryll
2016-05-26 18:39 - 2016-05-26 20:52 - 00000000 ____D C:\Users\Darryll\AppData\Local\Hewlett-Packard
2016-05-26 18:39 - 2016-05-26 19:14 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Hewlett-Packard
2016-05-26 18:08 - 2016-05-27 16:28 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-05-26 18:08 - 2016-05-26 18:08 - 00000000 ____D C:\System.sav
2016-05-26 18:08 - 2016-05-26 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-05-26 18:07 - 2016-06-02 17:24 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-26 18:07 - 2016-05-26 18:07 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\hpqLog
2016-05-26 17:41 - 2016-05-26 17:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-05-26 17:39 - 2016-05-26 17:39 - 00000000 ____D C:\Users\Darryll\AppData\Local\PeerDistRepub
2016-05-26 17:30 - 2016-05-27 16:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2016-05-26 17:30 - 2016-05-26 18:08 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-05-26 17:29 - 2016-05-26 17:29 - 03836976 _____ (Oleg N. Scherbakov) C:\Users\Darryll\Desktop\HPSupportSolutionsFramework-12.3.11.29.exe
2016-05-26 16:59 - 2016-05-26 16:59 - 00000000 ____D C:\ProgramData\UniqueId
2016-05-26 16:58 - 2016-06-02 11:54 - 00000000 ____D C:\ProgramData\WinZip
2016-05-26 16:58 - 2016-05-26 16:58 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2016-05-26 16:24 - 2016-05-26 16:24 - 10013808 _____ C:\Users\Darryll\Desktop\heimdall-suite-1.4.0-win32.zip
2016-05-26 13:31 - 2016-05-26 13:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-26 12:10 - 2016-05-30 21:16 - 00000000 ____D C:\Users\Darryll\AppData\LocalLow\uTorrent
2016-05-26 12:09 - 2016-05-26 12:09 - 02530304 _____ (BitTorrent Inc.) C:\Users\Darryll\Downloads\uTorrent.exe
2016-05-26 11:48 - 2016-05-26 11:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-05-26 11:48 - 2016-05-26 11:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-05-26 11:37 - 2016-05-26 11:37 - 00000000 ____D C:\Program Files\SAMSUNG
2016-05-26 11:37 - 2016-04-25 00:35 - 00221824 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2016-05-26 11:37 - 2016-04-25 00:35 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2016-05-26 11:27 - 2016-05-26 11:27 - 00017295 _____ C:\Users\Darryll\Downloads\Addition.txt
2016-05-26 11:27 - 2016-05-26 11:27 - 00000000 ____D C:\ProgramData\Samsung
2016-05-26 11:26 - 2016-06-03 08:26 - 00000000 ____D C:\FRST
2016-05-26 11:26 - 2016-05-26 11:27 - 00040670 _____ C:\Users\Darryll\Downloads\FRST.txt
2016-05-26 11:26 - 2016-05-26 11:26 - 02383360 _____ (Farbar) C:\Users\Darryll\Downloads\FRST64.exe
2016-05-26 10:25 - 2016-05-26 10:31 - 00000000 ____D C:\Users\Darryll\AppData\Local\Mozilla
2016-05-26 10:25 - 2016-05-26 10:25 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-26 10:25 - 2016-05-26 10:25 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Mozilla
2016-05-26 10:24 - 2016-05-26 10:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-26 10:23 - 2016-05-26 10:24 - 44584344 _____ C:\Users\Darryll\Downloads\Firefox Setup 46.0.1 (1).exe
2016-05-26 10:23 - 2016-05-26 10:23 - 44584344 _____ C:\Users\Darryll\Downloads\Firefox Setup 46.0.1.exe
2016-05-26 10:23 - 2016-05-26 10:23 - 00000000 ____D C:\ProgramData\Avg_Update_0516piz
2016-05-26 10:22 - 2016-05-26 10:22 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\AVG
2016-05-26 10:21 - 2016-05-26 10:21 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\TuneUp Software
2016-05-26 10:19 - 2016-05-26 10:19 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Macromedia
2016-05-26 10:17 - 2016-06-02 11:30 - 00000000 ____D C:\Users\Darryll\AppData\Local\AvgSetupLog
2016-05-26 10:17 - 2016-06-02 11:30 - 00000000 ____D C:\ProgramData\Avg
2016-05-26 10:17 - 2016-06-02 11:00 - 00000000 ____D C:\Users\Darryll\AppData\Local\Avg
2016-05-26 10:02 - 2016-05-26 10:50 - 00000000 ____D C:\Users\Darryll\AppData\Local\Comms
2016-05-26 10:00 - 2016-04-22 03:57 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-05-26 09:57 - 2016-05-26 09:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-26 09:57 - 2016-05-26 09:57 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-26 09:56 - 2016-04-23 01:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-26 09:56 - 2016-04-23 01:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-26 09:56 - 2016-04-23 00:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-26 09:56 - 2016-04-23 00:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-26 09:56 - 2016-04-23 00:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-26 09:56 - 2016-04-23 00:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-26 09:56 - 2016-03-29 02:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-05-26 09:56 - 2016-03-29 01:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-05-26 09:56 - 2016-02-24 05:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-05-26 09:56 - 2016-02-24 01:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-05-26 09:56 - 2016-02-24 01:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-05-26 09:56 - 2016-02-23 06:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-05-26 09:56 - 2016-02-23 05:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-05-26 09:56 - 2016-02-23 02:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-05-26 09:56 - 2016-02-23 02:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-05-26 09:55 - 2016-05-06 00:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-26 09:55 - 2016-05-06 00:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-26 09:55 - 2016-05-06 00:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-26 09:55 - 2016-05-05 23:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-26 09:55 - 2016-05-05 23:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-26 09:55 - 2016-05-05 23:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-26 09:55 - 2016-05-05 23:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-26 09:55 - 2016-05-05 23:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-26 09:55 - 2016-04-30 02:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-26 09:55 - 2016-04-30 02:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-26 09:55 - 2016-04-23 02:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-26 09:55 - 2016-04-23 02:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-26 09:55 - 2016-04-23 02:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-26 09:55 - 2016-04-23 02:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-26 09:55 - 2016-04-23 02:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-26 09:55 - 2016-04-23 02:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-26 09:55 - 2016-04-23 02:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-26 09:55 - 2016-04-23 02:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-26 09:55 - 2016-04-23 01:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-26 09:55 - 2016-04-23 01:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-26 09:55 - 2016-04-23 01:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-26 09:55 - 2016-04-23 01:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-26 09:55 - 2016-04-23 01:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-26 09:55 - 2016-04-23 01:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-26 09:55 - 2016-04-23 01:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-26 09:55 - 2016-04-23 01:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-26 09:55 - 2016-04-23 01:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-26 09:55 - 2016-04-23 01:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-26 09:55 - 2016-04-23 01:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-26 09:55 - 2016-04-23 01:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-26 09:55 - 2016-04-23 01:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-26 09:55 - 2016-04-23 01:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-26 09:55 - 2016-04-23 01:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-26 09:55 - 2016-04-23 01:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-26 09:55 - 2016-04-23 01:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-26 09:55 - 2016-04-23 01:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-26 09:55 - 2016-04-23 01:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-26 09:55 - 2016-04-23 01:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-26 09:55 - 2016-04-23 01:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-26 09:55 - 2016-04-23 01:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-26 09:55 - 2016-04-23 01:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-26 09:55 - 2016-04-23 01:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-26 09:55 - 2016-04-23 01:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-26 09:55 - 2016-04-23 01:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-26 09:55 - 2016-04-23 01:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-26 09:55 - 2016-04-23 01:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-26 09:55 - 2016-04-23 01:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-26 09:55 - 2016-04-23 01:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-26 09:55 - 2016-04-23 01:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-26 09:55 - 2016-04-23 01:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-26 09:55 - 2016-04-23 01:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-26 09:55 - 2016-04-23 01:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-26 09:55 - 2016-04-23 01:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-26 09:55 - 2016-04-23 01:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-26 09:55 - 2016-04-23 01:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-26 09:55 - 2016-04-23 01:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-26 09:55 - 2016-04-23 01:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-26 09:55 - 2016-04-23 01:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-26 09:55 - 2016-04-23 01:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-26 09:55 - 2016-04-23 01:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-26 09:55 - 2016-04-23 01:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-26 09:55 - 2016-04-23 01:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-26 09:55 - 2016-04-23 01:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-26 09:55 - 2016-04-23 01:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-26 09:55 - 2016-04-23 01:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-26 09:55 - 2016-04-23 01:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-26 09:55 - 2016-04-23 01:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-26 09:55 - 2016-04-23 01:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-26 09:55 - 2016-04-23 01:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-26 09:55 - 2016-04-23 00:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-26 09:55 - 2016-04-23 00:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-26 09:55 - 2016-04-23 00:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-26 09:55 - 2016-04-23 00:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-26 09:55 - 2016-04-23 00:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-26 09:55 - 2016-04-23 00:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-26 09:55 - 2016-04-23 00:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-26 09:55 - 2016-04-23 00:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-26 09:55 - 2016-04-23 00:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-26 09:55 - 2016-04-23 00:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-26 09:55 - 2016-04-23 00:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-26 09:55 - 2016-04-23 00:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-26 09:55 - 2016-04-23 00:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-26 09:55 - 2016-04-23 00:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-26 09:55 - 2016-04-23 00:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-26 09:55 - 2016-04-23 00:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-26 09:55 - 2016-04-23 00:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-05-26 09:55 - 2016-04-23 00:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-26 09:55 - 2016-04-23 00:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-26 09:55 - 2016-04-23 00:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-26 09:55 - 2016-04-23 00:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-26 09:55 - 2016-04-23 00:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-26 09:55 - 2016-04-23 00:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-26 09:55 - 2016-04-23 00:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-26 09:55 - 2016-04-23 00:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-26 09:55 - 2016-04-23 00:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-26 09:55 - 2016-04-23 00:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-26 09:55 - 2016-04-23 00:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-26 09:55 - 2016-04-23 00:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-26 09:55 - 2016-04-23 00:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-26 09:55 - 2016-04-23 00:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-26 09:55 - 2016-04-23 00:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-26 09:55 - 2016-04-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-26 09:55 - 2016-04-23 00:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-26 09:55 - 2016-04-23 00:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-26 09:55 - 2016-04-23 00:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-26 09:55 - 2016-04-23 00:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-26 09:55 - 2016-04-23 00:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-26 09:55 - 2016-04-23 00:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-26 09:55 - 2016-04-23 00:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-26 09:55 - 2016-04-23 00:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-26 09:55 - 2016-04-23 00:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-26 09:55 - 2016-04-23 00:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-26 09:55 - 2016-04-23 00:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-26 09:55 - 2016-04-23 00:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-26 09:55 - 2016-04-23 00:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-26 09:55 - 2016-04-23 00:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-26 09:55 - 2016-04-23 00:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-26 09:55 - 2016-04-23 00:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-26 09:55 - 2016-04-23 00:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-26 09:55 - 2016-04-23 00:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-26 09:55 - 2016-04-23 00:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-26 09:55 - 2016-04-23 00:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-26 09:55 - 2016-04-23 00:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-26 09:55 - 2016-04-23 00:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-26 09:55 - 2016-04-23 00:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-26 09:55 - 2016-04-23 00:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-26 09:55 - 2016-04-23 00:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-26 09:55 - 2016-04-23 00:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-26 09:55 - 2016-04-23 00:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-05-26 09:55 - 2016-04-23 00:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-26 09:55 - 2016-04-23 00:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-26 09:55 - 2016-04-23 00:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-26 09:55 - 2016-04-23 00:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-26 09:55 - 2016-04-23 00:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-26 09:55 - 2016-04-23 00:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-26 09:55 - 2016-04-23 00:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-26 09:55 - 2016-04-23 00:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-26 09:55 - 2016-04-23 00:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-26 09:55 - 2016-04-23 00:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-26 09:55 - 2016-04-23 00:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-26 09:55 - 2016-04-23 00:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-26 09:55 - 2016-04-23 00:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-26 09:55 - 2016-04-23 00:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-26 09:55 - 2016-04-23 00:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-26 09:55 - 2016-04-23 00:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-26 09:55 - 2016-04-23 00:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-26 09:55 - 2016-04-23 00:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-26 09:55 - 2016-04-23 00:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-26 09:55 - 2016-04-23 00:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-26 09:55 - 2016-04-23 00:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-26 09:55 - 2016-04-23 00:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-26 09:55 - 2016-04-23 00:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-26 09:55 - 2016-04-23 00:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-26 09:55 - 2016-04-23 00:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-26 09:55 - 2016-04-23 00:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-26 09:55 - 2016-04-23 00:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-26 09:55 - 2016-04-23 00:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-26 09:55 - 2016-04-23 00:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-26 09:55 - 2016-04-23 00:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-26 09:55 - 2016-04-23 00:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-26 09:55 - 2016-04-23 00:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-26 09:55 - 2016-04-23 00:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-26 09:55 - 2016-04-23 00:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-26 09:55 - 2016-04-23 00:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-26 09:55 - 2016-04-23 00:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-26 09:55 - 2016-04-23 00:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-26 09:55 - 2016-04-23 00:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-26 09:55 - 2016-04-22 23:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-26 09:55 - 2016-04-22 22:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-26 09:55 - 2016-04-22 22:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-26 09:55 - 2016-04-18 18:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-26 09:55 - 2016-04-02 00:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-05-26 09:55 - 2016-04-02 00:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-05-26 09:55 - 2016-04-02 00:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-05-26 09:55 - 2016-04-02 00:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-05-26 09:55 - 2016-04-01 23:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-05-26 09:55 - 2016-04-01 23:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-05-26 09:55 - 2016-04-01 23:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-05-26 09:55 - 2016-04-01 23:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-05-26 09:55 - 2016-04-01 23:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-05-26 09:55 - 2016-03-29 06:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-05-26 09:55 - 2016-03-29 06:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-05-26 09:55 - 2016-03-29 06:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-05-26 09:55 - 2016-03-29 06:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-26 09:55 - 2016-03-29 06:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-05-26 09:55 - 2016-03-29 06:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-05-26 09:55 - 2016-03-29 06:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-05-26 09:55 - 2016-03-29 06:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-05-26 09:55 - 2016-03-29 06:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-05-26 09:55 - 2016-03-29 06:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-05-26 09:55 - 2016-03-29 06:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-05-26 09:55 - 2016-03-29 06:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-05-26 09:55 - 2016-03-29 05:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-05-26 09:55 - 2016-03-29 05:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-05-26 09:55 - 2016-03-29 05:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-05-26 09:55 - 2016-03-29 05:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-05-26 09:55 - 2016-03-29 05:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-05-26 09:55 - 2016-03-29 05:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-05-26 09:55 - 2016-03-29 05:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-05-26 09:55 - 2016-03-29 05:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-05-26 09:55 - 2016-03-29 05:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-05-26 09:55 - 2016-03-29 05:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-05-26 09:55 - 2016-03-29 05:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-05-26 09:55 - 2016-03-29 05:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-05-26 09:55 - 2016-03-29 05:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-05-26 09:55 - 2016-03-29 05:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-05-26 09:55 - 2016-03-29 05:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-05-26 09:55 - 2016-03-29 04:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-05-26 09:55 - 2016-03-29 04:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-05-26 09:55 - 2016-03-29 04:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-05-26 09:55 - 2016-03-29 04:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-05-26 09:55 - 2016-03-29 04:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-05-26 09:55 - 2016-03-29 04:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-05-26 09:55 - 2016-03-29 04:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-05-26 09:55 - 2016-03-29 04:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-05-26 09:55 - 2016-03-29 04:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-05-26 09:55 - 2016-03-29 04:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-05-26 09:55 - 2016-03-29 04:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-05-26 09:55 - 2016-03-29 04:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-05-26 09:55 - 2016-03-29 04:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-05-26 09:55 - 2016-03-29 04:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-05-26 09:55 - 2016-03-29 04:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-05-26 09:55 - 2016-03-29 04:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-05-26 09:55 - 2016-03-29 04:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-05-26 09:55 - 2016-03-29 04:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-05-26 09:55 - 2016-03-29 04:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-05-26 09:55 - 2016-03-29 04:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-05-26 09:55 - 2016-03-29 03:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-05-26 09:55 - 2016-03-29 03:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-05-26 09:55 - 2016-03-29 03:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-05-26 09:55 - 2016-03-29 03:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-05-26 09:55 - 2016-03-29 03:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-05-26 09:55 - 2016-03-29 03:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-05-26 09:55 - 2016-03-29 03:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-05-26 09:55 - 2016-03-29 03:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-05-26 09:55 - 2016-03-29 03:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-05-26 09:55 - 2016-03-29 03:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-05-26 09:55 - 2016-03-29 03:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-05-26 09:55 - 2016-03-29 03:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-05-26 09:55 - 2016-03-29 03:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-05-26 09:55 - 2016-03-29 03:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-05-26 09:55 - 2016-03-29 03:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-05-26 09:55 - 2016-03-29 03:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-05-26 09:55 - 2016-03-29 03:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-05-26 09:55 - 2016-03-29 03:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-05-26 09:55 - 2016-03-29 03:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-05-26 09:55 - 2016-03-29 03:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-05-26 09:55 - 2016-03-29 03:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-05-26 09:55 - 2016-03-29 03:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-05-26 09:55 - 2016-03-29 03:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-05-26 09:55 - 2016-03-29 03:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-05-26 09:55 - 2016-03-29 03:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-05-26 09:55 - 2016-03-29 03:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-05-26 09:55 - 2016-03-29 03:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-05-26 09:55 - 2016-03-29 03:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-05-26 09:55 - 2016-03-29 03:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-05-26 09:55 - 2016-03-29 03:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-05-26 09:55 - 2016-03-29 03:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-05-26 09:55 - 2016-03-29 03:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-05-26 09:55 - 2016-03-29 03:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-05-26 09:55 - 2016-03-29 03:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-05-26 09:55 - 2016-03-29 03:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-05-26 09:55 - 2016-03-29 03:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-05-26 09:55 - 2016-03-29 03:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-05-26 09:55 - 2016-03-29 03:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-05-26 09:55 - 2016-03-29 03:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-05-26 09:55 - 2016-03-29 03:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-05-26 09:55 - 2016-03-29 03:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
=============================================
Part 2 next post
============================
dmath1n is offline  
Old 06-03-2016, 05:39 AM   #7
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10



FRST part 2:
2016-05-26 09:55 - 2016-03-29 03:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-05-26 09:55 - 2016-03-29 03:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-05-26 09:55 - 2016-03-29 03:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-05-26 09:55 - 2016-03-29 03:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-05-26 09:55 - 2016-03-29 03:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-05-26 09:55 - 2016-03-29 03:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-05-26 09:55 - 2016-03-29 03:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-05-26 09:55 - 2016-03-29 03:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-05-26 09:55 - 2016-03-29 03:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-05-26 09:55 - 2016-03-29 03:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-05-26 09:55 - 2016-03-29 03:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-05-26 09:55 - 2016-03-29 03:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-05-26 09:55 - 2016-03-29 03:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-05-26 09:55 - 2016-03-29 03:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-05-26 09:55 - 2016-03-29 03:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-05-26 09:55 - 2016-03-29 03:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-05-26 09:55 - 2016-03-29 03:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-05-26 09:55 - 2016-03-29 03:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-05-26 09:55 - 2016-03-29 03:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-05-26 09:55 - 2016-03-29 03:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-05-26 09:55 - 2016-03-29 03:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-05-26 09:55 - 2016-03-29 03:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-05-26 09:55 - 2016-03-29 03:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-05-26 09:55 - 2016-03-29 03:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-05-26 09:55 - 2016-03-29 03:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-05-26 09:55 - 2016-03-29 03:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-05-26 09:55 - 2016-03-29 03:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-05-26 09:55 - 2016-03-29 03:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-05-26 09:55 - 2016-03-29 03:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-05-26 09:55 - 2016-03-29 03:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-05-26 09:55 - 2016-03-29 03:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-05-26 09:55 - 2016-03-29 03:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-05-26 09:55 - 2016-03-29 03:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-05-26 09:55 - 2016-03-29 03:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-05-26 09:55 - 2016-03-29 03:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-05-26 09:55 - 2016-03-29 03:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-05-26 09:55 - 2016-03-29 03:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-05-26 09:55 - 2016-03-29 03:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-05-26 09:55 - 2016-03-29 03:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-05-26 09:55 - 2016-03-29 02:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-05-26 09:55 - 2016-03-29 02:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-05-26 09:55 - 2016-03-29 02:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-05-26 09:55 - 2016-03-29 02:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-05-26 09:55 - 2016-03-29 02:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-05-26 09:55 - 2016-03-29 02:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-05-26 09:55 - 2016-03-29 02:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-05-26 09:55 - 2016-03-29 02:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-05-26 09:55 - 2016-03-29 02:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-05-26 09:55 - 2016-03-29 02:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-05-26 09:55 - 2016-03-29 02:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-05-26 09:55 - 2016-03-29 02:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-05-26 09:55 - 2016-03-29 02:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-26 09:55 - 2016-03-29 02:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-05-26 09:55 - 2016-03-29 02:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-05-26 09:55 - 2016-03-29 02:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-05-26 09:55 - 2016-03-29 02:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-05-26 09:55 - 2016-03-29 02:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-05-26 09:55 - 2016-03-29 02:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-05-26 09:55 - 2016-03-29 02:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-05-26 09:55 - 2016-03-29 02:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-05-26 09:55 - 2016-03-29 02:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-05-26 09:55 - 2016-03-29 02:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-05-26 09:55 - 2016-03-29 02:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-05-26 09:55 - 2016-03-29 02:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-05-26 09:55 - 2016-03-29 02:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-05-26 09:55 - 2016-03-29 02:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-05-26 09:55 - 2016-03-29 02:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-05-26 09:55 - 2016-03-29 02:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-05-26 09:55 - 2016-03-29 02:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-05-26 09:55 - 2016-03-29 02:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-05-26 09:55 - 2016-03-29 02:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-05-26 09:55 - 2016-03-29 02:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-05-26 09:55 - 2016-03-29 02:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-05-26 09:55 - 2016-03-29 02:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-05-26 09:55 - 2016-03-29 02:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-05-26 09:55 - 2016-03-29 02:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-05-26 09:55 - 2016-03-29 02:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-05-26 09:55 - 2016-03-29 02:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-05-26 09:55 - 2016-03-29 02:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-05-26 09:55 - 2016-03-29 02:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-05-26 09:55 - 2016-03-29 02:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-05-26 09:55 - 2016-03-29 02:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-05-26 09:55 - 2016-03-29 02:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-05-26 09:55 - 2016-03-29 02:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-05-26 09:55 - 2016-03-29 02:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-05-26 09:55 - 2016-03-29 01:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-05-26 09:55 - 2016-03-29 01:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-05-26 09:55 - 2016-03-29 01:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-05-26 09:55 - 2016-03-29 01:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-05-26 09:55 - 2016-03-29 01:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-05-26 09:55 - 2016-03-29 01:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-05-26 09:55 - 2016-03-29 01:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-05-26 09:55 - 2016-03-29 01:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-05-26 09:55 - 2016-03-29 01:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-05-26 09:55 - 2016-03-29 01:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-05-26 09:55 - 2016-03-29 01:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-05-26 09:55 - 2016-03-29 01:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-05-26 09:55 - 2016-03-29 01:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-05-26 09:55 - 2016-03-29 01:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-05-26 09:55 - 2016-03-01 01:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-05-26 09:55 - 2016-03-01 01:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-05-26 09:55 - 2016-02-24 05:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-05-26 09:55 - 2016-02-24 04:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-05-26 09:55 - 2016-02-24 04:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-05-26 09:55 - 2016-02-24 04:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-05-26 09:55 - 2016-02-24 04:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-05-26 09:55 - 2016-02-24 04:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-05-26 09:55 - 2016-02-24 04:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-05-26 09:55 - 2016-02-24 04:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-05-26 09:55 - 2016-02-24 04:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-05-26 09:55 - 2016-02-24 04:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-05-26 09:55 - 2016-02-24 04:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-05-26 09:55 - 2016-02-24 04:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-05-26 09:55 - 2016-02-24 04:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-05-26 09:55 - 2016-02-24 03:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-05-26 09:55 - 2016-02-24 03:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-05-26 09:55 - 2016-02-24 03:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-05-26 09:55 - 2016-02-24 03:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-05-26 09:55 - 2016-02-24 03:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-05-26 09:55 - 2016-02-24 03:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-05-26 09:55 - 2016-02-24 03:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-05-26 09:55 - 2016-02-24 03:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-05-26 09:55 - 2016-02-24 03:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-05-26 09:55 - 2016-02-24 03:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-05-26 09:55 - 2016-02-24 03:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-05-26 09:55 - 2016-02-24 03:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-05-26 09:55 - 2016-02-24 03:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-05-26 09:55 - 2016-02-24 03:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-05-26 09:55 - 2016-02-24 03:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-05-26 09:55 - 2016-02-24 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-05-26 09:55 - 2016-02-24 03:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-05-26 09:55 - 2016-02-24 03:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-05-26 09:55 - 2016-02-24 03:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-05-26 09:55 - 2016-02-24 03:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-05-26 09:55 - 2016-02-24 03:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-05-26 09:55 - 2016-02-24 03:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-05-26 09:55 - 2016-02-24 03:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-05-26 09:55 - 2016-02-24 03:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-05-26 09:55 - 2016-02-24 03:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-05-26 09:55 - 2016-02-24 03:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-05-26 09:55 - 2016-02-24 03:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-05-26 09:55 - 2016-02-24 03:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-05-26 09:55 - 2016-02-24 03:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-05-26 09:55 - 2016-02-24 02:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-05-26 09:55 - 2016-02-24 02:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-05-26 09:55 - 2016-02-24 02:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-05-26 09:55 - 2016-02-24 02:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-05-26 09:55 - 2016-02-24 02:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-05-26 09:55 - 2016-02-24 02:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-05-26 09:55 - 2016-02-24 02:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-05-26 09:55 - 2016-02-24 02:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-05-26 09:55 - 2016-02-24 02:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-05-26 09:55 - 2016-02-24 02:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-05-26 09:55 - 2016-02-24 02:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-05-26 09:55 - 2016-02-24 02:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-05-26 09:55 - 2016-02-24 02:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-05-26 09:55 - 2016-02-24 02:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-05-26 09:55 - 2016-02-24 02:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-05-26 09:55 - 2016-02-24 02:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-05-26 09:55 - 2016-02-24 02:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-05-26 09:55 - 2016-02-24 02:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-05-26 09:55 - 2016-02-24 02:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-05-26 09:55 - 2016-02-24 02:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-05-26 09:55 - 2016-02-24 02:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-05-26 09:55 - 2016-02-24 02:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-05-26 09:55 - 2016-02-24 02:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-05-26 09:55 - 2016-02-24 02:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-05-26 09:55 - 2016-02-24 02:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-05-26 09:55 - 2016-02-24 02:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-05-26 09:55 - 2016-02-24 02:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-05-26 09:55 - 2016-02-24 02:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-05-26 09:55 - 2016-02-24 02:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-05-26 09:55 - 2016-02-24 02:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-05-26 09:55 - 2016-02-24 02:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-05-26 09:55 - 2016-02-24 02:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-05-26 09:55 - 2016-02-24 02:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-05-26 09:55 - 2016-02-24 02:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-05-26 09:55 - 2016-02-24 02:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-05-26 09:55 - 2016-02-24 02:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-05-26 09:55 - 2016-02-24 02:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-05-26 09:55 - 2016-02-24 02:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-05-26 09:55 - 2016-02-24 02:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-05-26 09:55 - 2016-02-24 02:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-05-26 09:55 - 2016-02-24 02:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-05-26 09:55 - 2016-02-24 02:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-05-26 09:55 - 2016-02-24 02:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-05-26 09:55 - 2016-02-24 02:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-05-26 09:55 - 2016-02-24 02:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-05-26 09:55 - 2016-02-24 02:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-05-26 09:55 - 2016-02-24 02:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-05-26 09:55 - 2016-02-24 02:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-05-26 09:55 - 2016-02-24 02:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-05-26 09:55 - 2016-02-24 02:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-05-26 09:55 - 2016-02-24 02:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-05-26 09:55 - 2016-02-24 02:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-05-26 09:55 - 2016-02-24 01:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-05-26 09:55 - 2016-02-24 01:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-05-26 09:55 - 2016-02-24 01:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-05-26 09:55 - 2016-02-24 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-05-26 09:55 - 2016-02-23 07:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-05-26 09:55 - 2016-02-23 07:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-05-26 09:55 - 2016-02-23 06:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-05-26 09:55 - 2016-02-23 06:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 06:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-05-26 09:55 - 2016-02-23 06:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 06:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-05-26 09:55 - 2016-02-23 06:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-05-26 09:55 - 2016-02-23 06:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-05-26 09:55 - 2016-02-23 06:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-05-26 09:55 - 2016-02-23 06:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-05-26 09:55 - 2016-02-23 06:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-05-26 09:55 - 2016-02-23 05:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-05-26 09:55 - 2016-02-23 05:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-05-26 09:55 - 2016-02-23 05:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-05-26 09:55 - 2016-02-23 05:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 05:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 05:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-05-26 09:55 - 2016-02-23 05:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-05-26 09:55 - 2016-02-23 05:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-05-26 09:55 - 2016-02-23 05:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-05-26 09:55 - 2016-02-23 05:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-05-26 09:55 - 2016-02-23 05:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-05-26 09:55 - 2016-02-23 05:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-05-26 09:55 - 2016-02-23 05:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-05-26 09:55 - 2016-02-23 05:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-05-26 09:55 - 2016-02-23 05:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-05-26 09:55 - 2016-02-23 05:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-05-26 09:55 - 2016-02-23 05:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-05-26 09:55 - 2016-02-23 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-05-26 09:55 - 2016-02-23 04:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-05-26 09:55 - 2016-02-23 04:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-05-26 09:55 - 2016-02-23 04:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-05-26 09:55 - 2016-02-23 04:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-05-26 09:55 - 2016-02-23 04:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-05-26 09:55 - 2016-02-23 04:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-05-26 09:55 - 2016-02-23 04:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-05-26 09:55 - 2016-02-23 04:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-05-26 09:55 - 2016-02-23 04:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-05-26 09:55 - 2016-02-23 04:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-05-26 09:55 - 2016-02-23 04:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-05-26 09:55 - 2016-02-23 04:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-05-26 09:55 - 2016-02-23 04:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-05-26 09:55 - 2016-02-23 04:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-05-26 09:55 - 2016-02-23 04:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-05-26 09:55 - 2016-02-23 04:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-05-26 09:55 - 2016-02-23 04:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-05-26 09:55 - 2016-02-23 04:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-05-26 09:55 - 2016-02-23 04:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-05-26 09:55 - 2016-02-23 04:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-05-26 09:55 - 2016-02-23 04:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-05-26 09:55 - 2016-02-23 04:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-05-26 09:55 - 2016-02-23 04:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-05-26 09:55 - 2016-02-23 04:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 04:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-05-26 09:55 - 2016-02-23 04:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-05-26 09:55 - 2016-02-23 04:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-05-26 09:55 - 2016-02-23 04:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-05-26 09:55 - 2016-02-23 04:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-05-26 09:55 - 2016-02-23 04:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-05-26 09:55 - 2016-02-23 04:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-05-26 09:55 - 2016-02-23 04:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-05-26 09:55 - 2016-02-23 03:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-05-26 09:55 - 2016-02-23 03:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-05-26 09:55 - 2016-02-23 03:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-05-26 09:55 - 2016-02-23 03:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-05-26 09:55 - 2016-02-23 03:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-05-26 09:55 - 2016-02-23 03:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-05-26 09:55 - 2016-02-23 03:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-05-26 09:55 - 2016-02-23 03:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-05-26 09:55 - 2016-02-23 03:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-05-26 09:55 - 2016-02-23 03:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-05-26 09:55 - 2016-02-23 03:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 03:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-05-26 09:55 - 2016-02-23 03:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-05-26 09:55 - 2016-02-23 03:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-05-26 09:55 - 2016-02-23 03:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-05-26 09:55 - 2016-02-23 03:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-05-26 09:55 - 2016-02-23 02:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-05-26 09:55 - 2016-02-23 02:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-05-26 09:55 - 2016-02-23 02:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-05-26 09:55 - 2016-02-08 23:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-05-26 09:55 - 2016-02-08 23:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-05-26 09:55 - 2016-02-08 23:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-05-25 21:18 - 2016-05-29 18:51 - 00000000 ____D C:\Windows.old
2016-05-25 21:18 - 2016-05-25 21:18 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-05-25 21:18 - 2016-05-25 17:30 - 00000000 ___DC C:\WINDOWS\Panther
2016-05-25 21:17 - 2016-05-25 21:17 - 00008192 __RSH C:\BOOTSECT.BAK
2016-05-25 21:17 - 2016-05-25 21:17 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-05-25 21:16 - 2016-05-25 21:16 - 00000000 ____D C:\WINDOWS\Setup
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\0409
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\OCR
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-05-25 21:12 - 2016-05-11 15:57 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-25 21:12 - 2016-05-11 15:57 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-25 21:11 - 2016-05-26 12:20 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-25 21:11 - 2016-05-25 21:18 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-05-25 21:11 - 2016-05-25 21:09 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-05-25 21:11 - 2016-05-25 21:09 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-05-25 21:11 - 2016-05-25 21:09 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-05-25 21:11 - 2016-05-25 21:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-05-25 21:11 - 2016-05-25 21:09 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-05-25 21:11 - 2016-05-25 21:09 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-05-25 21:11 - 2016-05-25 21:09 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-05-25 21:11 - 2016-05-25 21:09 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-05-25 21:11 - 2016-05-25 21:09 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-05-25 21:11 - 2016-05-25 21:09 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-05-25 21:11 - 2016-05-25 21:09 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-05-25 21:11 - 2016-05-25 21:09 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-05-25 21:11 - 2016-05-25 21:09 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-05-25 21:11 - 2016-05-25 21:09 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-05-25 21:11 - 2016-05-25 21:09 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-05-25 21:11 - 2016-05-25 21:09 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-05-25 21:10 - 2016-06-03 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-25 21:10 - 2016-06-03 07:26 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-25 21:10 - 2016-06-02 17:44 - 00000000 ____D C:\WINDOWS\INF
2016-05-25 21:10 - 2016-06-02 10:59 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-05-25 21:10 - 2016-05-28 19:59 - 00000000 ____D C:\WINDOWS\rescache
2016-05-25 21:10 - 2016-05-27 08:44 - 00000000 ____D C:\WINDOWS\appcompat
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 __RSD C:\WINDOWS\Media
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-05-25 21:10 - 2016-05-26 09:57 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-05-25 21:10 - 2016-05-25 21:15 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SystemApps
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\setup
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\Com
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\IME
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\Program Files\Windows Defender
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\Program Files\Common Files\System
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\ias
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\ShellNew
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\Registration
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Web
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Vss
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\tracing
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\TAPI
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SystemResources
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\ras
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\IME
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\System
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SKB
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\security
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\schemas
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SchCache
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Resources
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\PLA
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Performance
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\InputMethod
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Globalization
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Cursors
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Branding
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\addins
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\ProgramData\Comms
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\Program Files\Windows NT
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\Program Files\Common Files\Services
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-05-25 21:10 - 2016-05-25 21:09 - 00000219 _____ C:\WINDOWS\system.ini
2016-05-25 21:10 - 2016-05-25 21:09 - 00000092 _____ C:\WINDOWS\win.ini
2016-05-25 21:10 - 2016-05-25 17:33 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-05-25 21:10 - 2016-05-25 17:33 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-05-25 21:10 - 2016-05-25 17:33 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-05-25 21:10 - 2016-05-25 17:30 - 00000000 ____D C:\WINDOWS\system32\spool
2016-05-25 21:10 - 2016-05-25 17:30 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-05-25 21:10 - 2016-05-25 17:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-05-25 21:10 - 2016-05-25 17:27 - 00000000 ____D C:\WINDOWS\CSC
2016-05-25 21:10 - 2016-05-25 17:25 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-05-25 21:10 - 2016-05-25 17:23 - 00000000 ____D C:\WINDOWS\Help
2016-05-25 21:10 - 2016-05-25 17:23 - 00000000 ____D C:\ProgramData\USOPrivate
2016-05-25 21:04 - 2016-06-02 12:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-25 21:01 - 2016-06-02 17:40 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-25 21:01 - 2016-06-02 08:12 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-25 21:01 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\servicing
2016-05-25 21:01 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-05-25 21:01 - 2015-10-30 02:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-05-25 20:58 - 2016-05-26 13:56 - 00000000 ___HD C:\$SysReset
2016-05-25 20:48 - 2016-05-25 21:18 - 00000000 _____ C:\Recovery.txt
2016-05-25 17:36 - 2016-05-26 09:53 - 00000000 ____D C:\Users\Darryll\AppData\Local\MicrosoftEdge
2016-05-25 17:35 - 2016-05-25 17:35 - 00011234 _____ C:\Users\Darryll\Desktop\Removed Apps.html
2016-05-25 17:35 - 2016-05-25 17:35 - 00002344 _____ C:\Users\Darryll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-25 17:35 - 2016-05-25 17:35 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-05-25 17:34 - 2016-05-25 17:34 - 00000000 ____D C:\Users\Darryll\AppData\Local\ActiveSync
2016-05-25 17:33 - 2016-05-25 17:33 - 00000000 ____D C:\Users\Darryll\AppData\Local\Publishers
2016-05-25 17:32 - 2016-06-02 17:44 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-25 17:32 - 2016-05-26 17:53 - 00000000 ____D C:\Users\Darryll\AppData\Local\Packages
2016-05-25 17:32 - 2016-05-25 17:32 - 00000020 ___SH C:\Users\Darryll\ntuser.ini
2016-05-25 17:32 - 2016-05-25 17:32 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Adobe
2016-05-25 17:32 - 2016-05-25 17:32 - 00000000 ____D C:\Users\Darryll\AppData\Local\VirtualStore
2016-05-25 17:32 - 2016-05-25 17:32 - 00000000 ____D C:\Users\Darryll\AppData\Local\TileDataLayer
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default\My Documents
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default User
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\All Users
2016-05-25 17:28 - 2016-05-29 09:36 - 00000000 ____D C:\Users\Darryll
2016-05-25 17:28 - 2016-05-25 17:28 - 00000000 _SHDL C:\Users\Darryll\My Documents
2016-05-25 17:28 - 2016-05-25 17:28 - 00000000 _SHDL C:\Users\Darryll\Documents\My Videos
2016-05-25 17:28 - 2016-05-25 17:28 - 00000000 _SHDL C:\Users\Darryll\Documents\My Pictures
2016-05-25 17:28 - 2016-05-25 17:28 - 00000000 _SHDL C:\Users\Darryll\Documents\My Music
2016-05-25 17:24 - 2016-05-25 17:24 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-05-25 17:24 - 2016-05-25 17:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-25 17:23 - 2016-05-25 17:23 - 00000000 ____D C:\ProgramData\USOShared
2016-05-25 17:23 - 2016-05-25 17:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-25 17:23 - 2016-05-25 17:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-25 17:23 - 2016-05-25 17:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-05-25 17:23 - 2015-08-06 20:24 - 06873904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-05-25 17:23 - 2015-08-06 20:24 - 03492984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-05-25 17:23 - 2015-08-06 20:24 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-05-25 17:23 - 2015-08-06 20:24 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-05-25 17:23 - 2015-08-06 20:24 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-05-25 17:23 - 2015-08-06 20:24 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-05-25 17:23 - 2015-08-03 06:04 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-05-25 17:22 - 2015-10-30 03:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-05-25 17:20 - 2016-06-02 17:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-25 17:19 - 2016-05-27 08:41 - 00203176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-25 17:19 - 2016-05-25 17:19 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-05-25 15:55 - 2016-05-25 15:55 - 37786896 _____ (Rogers) C:\Users\Darryll\Downloads\RogersTechxpert.exe
2016-05-25 15:19 - 2016-05-25 15:19 - 47590392 _____ (Wireshark development team) C:\Users\Darryll\Downloads\Wireshark-win64-2.0.3.exe
2016-05-25 11:17 - 2016-04-25 00:36 - 01499408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2016-05-25 11:17 - 2016-04-25 00:36 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2016-05-25 11:16 - 2014-12-02 22:02 - 00017736 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdwh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00017736 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ssadwh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00017224 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdcm.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00017224 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ssadcm.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015944 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ssduwh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015872 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ssm_wh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015872 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ss_wh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015872 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ss_bwh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015360 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ssm_cm.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015360 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ss_bcm.sys
2016-05-24 16:34 - 2016-05-24 16:34 - 00000000 ____D C:\SWSETUP
2016-05-24 16:15 - 2016-05-24 16:15 - 00000000 ____D C:\NVIDIA
2016-05-24 16:09 - 2016-05-29 09:36 - 00000000 ____D C:\Intel
2016-05-24 16:07 - 2015-10-23 21:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-05-24 16:07 - 2015-10-23 21:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-05-24 16:07 - 2015-10-23 21:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-05-24 16:07 - 2015-10-23 21:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-05-24 16:07 - 2015-10-23 21:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-05-24 16:07 - 2015-10-23 21:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-24 15:46 - 2016-05-24 15:46 - 00000000 ____H C:\Users\Darryll\Documents\Default.rdp
2016-05-24 15:26 - 2016-05-25 17:35 - 00000000 ___RD C:\Users\Darryll\OneDrive
2016-05-24 14:48 - 2016-05-24 14:48 - 00000000 ____D C:\ESD
2016-05-24 14:41 - 2016-05-24 14:41 - 00000000 ___HD C:\$Windows.~WS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-02 12:17 - 2015-10-30 03:19 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\snmpsnap.dll
2016-06-02 12:17 - 2015-10-30 03:19 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evntwin.exe
2016-06-02 12:17 - 2015-10-30 03:19 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evntagnt.dll
2016-06-02 12:17 - 2015-10-30 03:19 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\hostmib.dll
2016-06-02 12:17 - 2015-10-30 03:19 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\lmmib2.dll
2016-06-02 12:17 - 2015-10-30 03:19 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntcmd.exe
2016-06-02 12:17 - 2015-10-30 03:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\snmpmib.dll
2016-06-02 12:17 - 2015-10-30 03:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-06-02 12:17 - 2015-10-30 03:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-06-02 12:17 - 2015-10-30 03:17 - 00107882 _____ C:\WINDOWS\system32\mib_ii.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-06-02 12:17 - 2015-10-30 03:17 - 00048593 _____ C:\WINDOWS\system32\hostmib.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-06-02 12:17 - 2015-10-30 03:17 - 00034317 _____ C:\WINDOWS\system32\msiprip2.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00030448 _____ C:\WINDOWS\system32\mcastmib.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00026236 _____ C:\WINDOWS\system32\wins.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00026100 _____ C:\WINDOWS\system32\lmmib2.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-06-02 12:17 - 2015-10-30 03:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-06-02 12:17 - 2015-10-30 03:17 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\simptcp.dll
2016-06-02 12:17 - 2015-10-30 03:17 - 00022462 _____ C:\WINDOWS\system32\rfc2571.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00021271 _____ C:\WINDOWS\system32\http.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-06-02 12:17 - 2015-10-30 03:17 - 00015799 _____ C:\WINDOWS\system32\ipforwd.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00015032 _____ C:\WINDOWS\system32\authserv.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00014032 _____ C:\WINDOWS\system32\accserv.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00013767 _____ C:\WINDOWS\system32\msipbtp.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-06-02 12:17 - 2015-10-30 03:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-06-02 12:17 - 2015-10-30 03:17 - 00006179 _____ C:\WINDOWS\system32\ftp.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-06-02 12:17 - 2015-10-30 03:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-06-02 12:17 - 2015-10-30 03:17 - 00004597 _____ C:\WINDOWS\system32\dhcp.mib
2016-06-02 12:17 - 2015-10-30 03:17 - 00004411 _____ C:\WINDOWS\system32\smi.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmpsnap.dll
2016-06-02 12:16 - 2015-10-30 03:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntwin.exe
2016-06-02 12:16 - 2015-10-30 03:19 - 00107882 _____ C:\WINDOWS\SysWOW64\mib_ii.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntagnt.dll
2016-06-02 12:16 - 2015-10-30 03:19 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmp.exe
2016-06-02 12:16 - 2015-10-30 03:19 - 00048593 _____ C:\WINDOWS\SysWOW64\hostmib.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\snmp.exe
2016-06-02 12:16 - 2015-10-30 03:19 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hostmib.dll
2016-06-02 12:16 - 2015-10-30 03:19 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lmmib2.dll
2016-06-02 12:16 - 2015-10-30 03:19 - 00034317 _____ C:\WINDOWS\SysWOW64\msiprip2.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00030448 _____ C:\WINDOWS\SysWOW64\mcastmib.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00026236 _____ C:\WINDOWS\SysWOW64\wins.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00026100 _____ C:\WINDOWS\SysWOW64\lmmib2.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00022462 _____ C:\WINDOWS\SysWOW64\rfc2571.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evntcmd.exe
2016-06-02 12:16 - 2015-10-30 03:19 - 00021271 _____ C:\WINDOWS\SysWOW64\http.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64mib.dll
2016-06-02 12:16 - 2015-10-30 03:19 - 00015799 _____ C:\WINDOWS\SysWOW64\ipforwd.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00015032 _____ C:\WINDOWS\SysWOW64\authserv.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00014032 _____ C:\WINDOWS\SysWOW64\accserv.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00013767 _____ C:\WINDOWS\SysWOW64\msipbtp.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmpmib.dll
2016-06-02 12:16 - 2015-10-30 03:19 - 00006179 _____ C:\WINDOWS\SysWOW64\ftp.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00004597 _____ C:\WINDOWS\SysWOW64\dhcp.mib
2016-06-02 12:16 - 2015-10-30 03:19 - 00004411 _____ C:\WINDOWS\SysWOW64\smi.mib
2016-06-02 12:16 - 2015-10-30 03:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-06-02 12:16 - 2015-10-30 03:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-06-02 12:16 - 2015-10-30 03:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-06-02 12:16 - 2015-10-30 03:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-06-02 12:16 - 2015-10-30 03:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-06-02 12:16 - 2015-10-30 03:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-06-02 12:16 - 2015-10-30 03:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll

==================== Files in the root of some directories =======

2016-05-28 08:40 - 2016-05-28 08:40 - 0000017 _____ () C:\Users\Darryll\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Darryll\AppData\Local\Temp\avguirn_08454842945.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-25 17:19

==================== End of FRST.txt

Additions Attached.
Sorry for being to Gung ho! I have been fighting this for weeks!
Thank you chemist!
Attached Files
File Type: txt Addition.txt (19.7 KB, 35 views)
dmath1n is offline  
Old 06-03-2016, 02:10 PM   #8
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, dmath1n. You're very welcome!

------------------------------------------------------
  • Open Notepad (Start > All Programs > Accessories > Notepad).
  • Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
  • Save it as fixlist.txt next to FRST64.exe
  • If asked to change 'Encoding:' to 'Unicode:', please agree and save it.

    NOTE: Both FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.


    Code:
    start
    createrestorepoint:
    SearchScopes: HKU\S-1-5-21-3114928826-3543099305-1459852935-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3114928826-3543099305-1459852935-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
    2016-05-26 20:47 - 2016-05-27 09:22 - 00000000 ____D C:\Program Files\Common Files\McAfee
    2016-05-26 20:47 - 2016-05-27 09:22 - 00000000 ____D C:\Program Files (x86)\McAfee
    2016-05-26 20:47 - 2016-05-26 20:47 - 00000000 ____D C:\ProgramData\Package Cache
    2016-05-26 20:39 - 2016-05-27 09:16 - 00000000 ____D C:\ProgramData\McAfee
    2016-05-26 10:23 - 2016-05-26 10:23 - 00000000 ____D C:\ProgramData\Avg_Update_0516piz
    2016-05-26 10:22 - 2016-05-26 10:22 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\AVG
    2016-05-26 10:21 - 2016-05-26 10:21 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\TuneUp Software
    2016-05-26 10:19 - 2016-05-26 10:19 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Macromedia
    2016-05-26 10:17 - 2016-06-02 11:30 - 00000000 ____D C:\Users\Darryll\AppData\Local\AvgSetupLog
    2016-05-26 10:17 - 2016-06-02 11:30 - 00000000 ____D C:\ProgramData\Avg
    2016-05-26 10:17 - 2016-06-02 11:00 - 00000000 ____D C:\Users\Darryll\AppData\Local\Avg
    Reg: reg delete HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v "WinZip Preloader.lnk" /f
    Reg: reg delete HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v "Update Notifier.lnk" /f
    EmptyTemp:
    end
  • Double-click FRST64 to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
  • Click the Fix button just once, and wait.
  • If you receive a message that a reboot is required, please make sure you allow it to restart normally.
  • The tool will complete its run after the restart.
  • When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 06-03-2016, 06:05 PM   #9
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10



The log you requested. and if I must say so you are one hell of an I.T man!!
Fix result of Farbar Recovery Scan Tool (x64) Version:03-06-2016
Ran by Darryll (2016-06-03 20:59:36) Run:1
Running from C:\Users\Darryll\Desktop
Loaded Profiles: Darryll (Available Profiles: Darryll)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
createrestorepoint:
SearchScopes: HKU\S-1-5-21-3114928826-3543099305-1459852935-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3114928826-3543099305-1459852935-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
2016-05-26 20:47 - 2016-05-27 09:22 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-05-26 20:47 - 2016-05-27 09:22 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-05-26 20:47 - 2016-05-26 20:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-26 20:39 - 2016-05-27 09:16 - 00000000 ____D C:\ProgramData\McAfee
2016-05-26 10:23 - 2016-05-26 10:23 - 00000000 ____D C:\ProgramData\Avg_Update_0516piz
2016-05-26 10:22 - 2016-05-26 10:22 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\AVG
2016-05-26 10:21 - 2016-05-26 10:21 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\TuneUp Software
2016-05-26 10:19 - 2016-05-26 10:19 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Macromedia
2016-05-26 10:17 - 2016-06-02 11:30 - 00000000 ____D C:\Users\Darryll\AppData\Local\AvgSetupLog
2016-05-26 10:17 - 2016-06-02 11:30 - 00000000 ____D C:\ProgramData\Avg
2016-05-26 10:17 - 2016-06-02 11:00 - 00000000 ____D C:\Users\Darryll\AppData\Local\Avg
Reg: reg delete HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v "WinZip Preloader.lnk" /f
Reg: reg delete HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v "Update Notifier.lnk" /f
EmptyTemp:
*****************

Restore point was successfully created.
HKU\S-1-5-21-3114928826-3543099305-1459852935-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3114928826-3543099305-1459852935-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
C:\Program Files\Common Files\McAfee => moved successfully
C:\Program Files (x86)\McAfee => moved successfully
C:\ProgramData\Package Cache => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\ProgramData\Avg_Update_0516piz => moved successfully
C:\Users\Darryll\AppData\Roaming\AVG => moved successfully
C:\Users\Darryll\AppData\Roaming\TuneUp Software => moved successfully
C:\Users\Darryll\AppData\Roaming\Macromedia => moved successfully
C:\Users\Darryll\AppData\Local\AvgSetupLog => moved successfully
C:\ProgramData\Avg => moved successfully
C:\Users\Darryll\AppData\Local\Avg => moved successfully

========= reg delete HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v "WinZip Preloader.lnk" /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg delete HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v "Update Notifier.lnk" /f =========

The operation completed successfully.



========= End of Reg: =========

EmptyTemp: => 816.6 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 21:00:02 ====

Hope it worked... Looked GR8 to me and im donating now!
dmath1n is offline  
Old 06-03-2016, 06:31 PM   #10
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, dmath1n. Thanks. How is the machine behaving? You can use it normally for a day or so, and let me know.

------------------------------------------------------

If you haven't already donated...

Please read this and, if possible, contribute as much as you can:

Help BleepingComputer Defend Freedom of Speech

------------------------------------------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Double-click mbam-setup-2.2.1.1043.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish
  • At the end of the installation, a database update will be performed.
  • Click on Scan Now
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Remove Selected to allow MBAM to clean what was detected.
  • In most cases, a restart will be required and a prompt will be shown.
  • Wait for the prompt to restart the computer to appear, then click on Yes
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double-click on the Scan Log which shows the Date and Time of the scan just performed.
  • Click Export
  • Click Text file (*.txt)
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named File Saved should appear stating "Your file has been successfully exported".
  • Click Ok
  • Post that saved log in your next reply.
------------------------------------------------------

Please run this online scan to help look for remnants. Ensure your external and/or USB drives are inserted during the scan.

Go here and click 'Run ESET Online Scanner'.
  • If you are not using Internet Explorer, double-click esetsmartinstaller_enu.exe to install it, then click 'Run'.
  • Turn off the real-time scanner of any existing antivirus program while performing the online scan. Here's how
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • If using Internet Explorer, allow the ActiveX control to install when asked.
  • Once the components have downloaded, tick the option Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked:
    • Scan Archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Next to 'Current scan targets: Operating memory, Local drives', click the Change... button.
  • Tick all the boxes that correspond to your external/inserted drives.
  • Click Start
  • Wait for the scan to finish.
  • When the scan is done, if it shows a screen that says "Threats found!", click "List of found threats", and then click "Export to text file..."
  • Save that text file to your desktop, and then copy/paste the contents in your next reply.
------------------------------------------------------

Please post the following in your next reply:

MBAM log
ESET report
report on system behavior
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 06-03-2016, 06:39 PM   #11
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10



Thank you!! The computer is stable for the first time in a month! I had a very hard time after rogers "Tek-Xperts" Told me to reset my puter. Lost my hp restore drive and my 35,000 pics! s Some way I manage to get my Phone back and an old Laptop was my windows 10 flash drive install Savior!
Thank you again and i will defiantly donate generously!
And yes it seems very stable.
dmath1n is offline  
Old 06-03-2016, 08:10 PM   #12
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Glad to hear it. Post when ready.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 06-13-2016, 09:48 AM   #13
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10



I have been infected with RannohDecryptor 2 days ago. I had crypt virus recently and was helped in resolving it however here we go again! I cannot run combofix as on win 10 support. my network is messed up and theirs someone using it now! I have limited access to certian tools as well.
-dds.txt-
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by Darryll at 10:42:36 on 2016-06-13
Microsoft Windows 10 Pro 10.0.10586.0.1252.1.1033.18.12193.9784 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\igfxCUIService.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
svchost.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\Users\Darryll\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\WinZip\FAHWindow64.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files\WinZip\WzPreloader.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
mStart Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9ededb0f
BHO: AVG Web TuneUp: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll
uRun: [OneDrive] "C:\Users\Darryll\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRunOnce: [Uninstall C:\Users\Darryll\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Darryll\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
mRun: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
mRun: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\UPDATE~1.LNK - C:\Program Files\WinZip\WZUpdateNotifier.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\WINZIP~1.LNK - C:\Program Files\WinZip\WzPreloader.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
TCP: Interfaces\{f9d7127e-61b5-4f4d-a765-aebd44c2e6fc} : DHCPNameServer = 192.168.0.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9ededb0f
x64-BHO: AVG Web TuneUp: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Darryll\AppData\Roaming\Mozilla\Firefox\Profiles\w1mo8qx5.default\
FF - prefs.js: browser.search.selectedEngine - Search Provided by Bing
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - true
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\WINDOWS\System32\drivers\avgidsha.sys [2016-1-26 272304]
R0 Avgloga;AVG Logging Driver;C:\WINDOWS\System32\drivers\avgloga.sys [2016-2-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\WINDOWS\System32\drivers\avgmfx64.sys [2016-5-5 247040]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\WINDOWS\System32\drivers\avgrkx64.sys [2016-5-2 51968]
R0 avguniva;AVG Universal Driver;C:\WINDOWS\System32\drivers\avguniva.sys [2016-5-5 71936]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 Avgdiska;AVG Disk Driver;C:\WINDOWS\System32\drivers\avgdiska.sys [2016-2-16 162592]
R1 AVGIDSDriver;AVGIDSDriver;C:\WINDOWS\System32\drivers\avgidsdrivera.sys [2016-5-18 307456]
R1 Avgwfpa;AVG Firewall Driver;C:\WINDOWS\System32\drivers\avgwfpa.sys [2015-12-16 315840]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-5-26 87552]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 avgsvc;AVG Service;C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-5-18 1080592]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-3-16 28552]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-8-18 359848]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2016-5-26 743688]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R2 vToolbarUpdater40.3.1;vToolbarUpdater40.3.1;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe [2016-5-26 1323080]
R2 WtuSystemSupport;WtuSystemSupport;C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [2016-5-26 972872]
R3 AmUStor;AM USB Stroage Driver;C:\WINDOWS\System32\drivers\AmUStor.sys [2013-4-24 109336]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-5-26 245760]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\WINDOWS\System32\drivers\netr28x.sys [2015-10-30 2504192]
R3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 rtbth;RTBTH Bluetooth Device Driver;C:\WINDOWS\System32\drivers\rtbth.sys [2015-6-3 1219200]
R3 RTL8167;Realtek 8167 NT Driver;C:\WINDOWS\System32\drivers\Rt64win7.sys [2016-3-31 1027840]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
R3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\WINDOWS\System32\drivers\avgboota.sys [2016-1-7 21632]
S1 Avgldx64;AVG AVI Loader Driver;C:\WINDOWS\System32\drivers\avgldx64.sys [2016-5-2 260352]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [2016-5-20 5164800]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [2016-5-20 705528]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AvgAMPS;AvgAMPS;C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-5-20 636312]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-2-13 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-5-26 129152]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-10-30 31232]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\WINDOWS\System32\drivers\nvstusb.sys [2014-8-20 452056]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2016-5-26 221824]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-5-26 63488]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-5-26 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-5-26 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-5-26 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-5-26 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-5-26 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-06-13 14:27:07 -------- d--h--w- C:\OneDriveTemp
2016-06-13 10:31:30 -------- d-----w- C:\Users\Darryll\AppData\Local\Microsoft_Corporation
2016-06-13 10:03:37 -------- d-----w- C:\Users\Darryll\AppData\Local\NetworkTiles
2016-06-13 10:03:19 11895896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{014C60DB-6EB2-4624-BE2F-1C5927D01843}\mpengine.dll
2016-06-13 01:11:23 11895896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-06-13 01:04:40 -------- d-----w- C:\Users\Darryll\AppData\Local\Avg
2016-06-13 01:03:46 -------- d-----w- C:\Users\Darryll\AppData\Local\AVG Web TuneUp
2016-06-12 22:55:58 -------- d-----w- C:\Users\Darryll\AppData\Local\Apps
2016-06-12 19:58:35 -------- d-----w- C:\Program Files (x86)\TeslaDecoder
2016-06-12 18:10:13 -------- d-----w- C:\Users\Darryll\AppData\Local\NVIDIA
2016-06-12 17:50:07 -------- d-----w- C:\WINDOWS\SysWow64\ipam
2016-06-12 17:50:05 -------- d-----w- C:\WINDOWS\System32\ipam
2016-06-12 17:50:04 -------- d-----w- C:\WINDOWS\Cluster
2016-06-12 14:26:04 -------- d-----w- C:\Users\Darryll\AppData\Local\Diagnostics
2016-06-12 12:30:28 -------- d-----w- C:\Program Files\EaseUS
2016-06-12 01:24:37 -------- d-----w- C:\Tweaking.com_Windows_Repair_Logs
2016-06-11 15:50:57 3369288 ----a-w- C:\WINDOWS\System32\nvapi64.dll
2016-06-11 15:28:16 -------- d-----w- C:\ProgramData\Thunder Network
2016-06-11 15:27:36 -------- d-----w- C:\ProgramData\DriverTalent
2016-06-11 15:27:32 -------- d-----w- C:\Users\Darryll\AppData\Roaming\DriverTalent
2016-06-11 15:27:32 -------- d-----w- C:\OSTotoFolder
2016-06-11 15:27:26 -------- d-----w- C:\Program Files (x86)\OSTotoSoft
2016-06-11 15:07:52 -------- d-----w- C:\ProgramData\SoundResearch
2016-06-11 15:07:49 -------- d-----w- C:\Program Files\IDT
2016-06-11 14:31:15 -------- d-----w- C:\Users\Darryll\AppData\Local\Google
2016-06-11 14:08:27 -------- d-----w- C:\Users\Darryll\AppData\Local\DriverToolkit
2016-06-11 14:08:24 -------- d-----w- C:\Program Files (x86)\DriverToolkit
2016-06-06 15:45:24 -------- d-----w- C:\Users\Darryll\.zenmap
2016-06-06 15:44:09 -------- d-----w- C:\Program Files\WinPcap
2016-06-06 15:39:27 -------- d-----w- C:\Program Files (x86)\Nmap
2016-06-04 01:35:10 -------- d---a-w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-04 01:35:10 -------- d-----w- C:\ProgramData\Malwarebytes
2016-06-04 01:34:57 -------- d-----w- C:\Users\Darryll\AppData\Local\Programs
2016-06-03 21:21:40 -------- d-----w- C:\WINDOWS\SysWow64\ivtMobCache
2016-06-03 16:16:55 -------- d-----w- C:\Users\Darryll\AppData\Roaming\Logishrd
2016-06-03 14:50:54 -------- d-----w- C:\Program Files (x86)\Ralink Corporation
2016-06-03 14:18:11 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2016-06-03 13:55:15 -------- d-----w- C:\Users\Darryll\AppData\Local\Intel
2016-06-02 21:18:06 -------- d-----w- C:\Program Files (x86)\Temp
2016-06-02 15:54:53 -------- d-----w- C:\WINDOWS\System32\appmgmt
2016-06-02 15:37:18 -------- d-----w- C:\cygwin64
2016-06-01 21:39:30 -------- d-----w- C:\KVRT_Data
2016-06-01 20:59:29 -------- d-----w- C:\Users\Darryll\AppData\Roaming\QuickScan
2016-06-01 14:12:18 -------- d-----w- C:\ProgramData\Cisco Systems
2016-05-29 13:36:57 -------- d-sh--w- C:\Users\Darryll\IntelGraphicsProfiles
2016-05-28 23:44:07 91128 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2016-05-28 23:41:08 200 ----a-w- C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-05-28 23:41:08 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-28 17:50:58 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2016-05-28 14:19:33 -------- d-----w- C:\Users\Darryll\AppData\Local\ElevatedDiagnostics
2016-05-28 12:28:57 -------- d-----w- C:\recuva
2016-05-28 12:27:37 -------- d-----w- C:\Users\Darryll\AppData\Roaming\WinZip
2016-05-27 17:03:56 -------- d-----w- C:\Tor
2016-05-27 00:56:37 -------- d-----w- C:\Users\Darryll\AppData\Roaming\WinBatch
2016-05-27 00:49:12 -------- d-----w- C:\Users\Darryll\AppData\Local\CEF
2016-05-27 00:48:04 -------- d-----w- C:\Program Files\Common Files\Intel
2016-05-27 00:47:41 -------- d-----w- C:\ProgramData\Package Cache
2016-05-27 00:47:39 -------- d-----w- C:\Program Files\Common Files\McAfee
2016-05-27 00:39:32 -------- d-----w- C:\Users\Darryll\AppData\Local\Macromedia
2016-05-27 00:39:04 -------- d-----w- C:\Users\Darryll\AppData\Local\Adobe
2016-05-26 22:39:37 -------- d-----w- C:\Users\Darryll\AppData\Local\Hewlett-Packard
2016-05-26 22:08:27 -------- d-----w- C:\System.sav
2016-05-26 22:07:30 -------- d-----w- C:\Users\Darryll\AppData\Roaming\hpqLog
2016-05-26 21:41:17 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2016-05-26 21:39:25 -------- d-----w- C:\Users\Darryll\AppData\Local\PeerDistRepub
2016-05-26 20:59:00 -------- d-----w- C:\ProgramData\UniqueId
2016-05-26 20:58:21 -------- d-----w- C:\Users\Darryll\AppData\Local\WinZip
2016-05-26 16:09:11 -------- d-----w- C:\Users\Darryll\AppData\Roaming\uTorrent
2016-05-26 15:37:54 221824 ----a-w- C:\WINDOWS\System32\drivers\ssudmdm.sys
2016-05-26 15:37:54 129152 ----a-w- C:\WINDOWS\System32\drivers\ssudbus.sys
2016-05-26 15:37:30 -------- d-----w- C:\Program Files\SAMSUNG
2016-05-26 15:27:46 -------- d-----w- C:\ProgramData\Samsung
2016-05-26 15:26:36 -------- d-----w- C:\FRST
2016-05-26 14:24:01 -------- d-----w- C:\Program Files\Common Files\AVG Secure Search
2016-05-26 14:23:59 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2016-05-26 14:23:58 -------- d-----w- C:\ProgramData\AVG Web TuneUp
2016-05-26 14:23:58 -------- d-----w- C:\Program Files\AVG Web TuneUp
2016-05-26 14:23:55 -------- d-----w- C:\Program Files (x86)\AVG Web TuneUp
2016-05-26 14:23:04 -------- d-----w- C:\ProgramData\Avg_Update_0516piz
2016-05-26 14:22:10 -------- d-----w- C:\Users\Darryll\AppData\Roaming\AVG
2016-05-26 14:21:04 -------- d-----w- C:\ProgramData\MFAData
2016-05-26 14:18:24 -------- d-----w- C:\Program Files (x86)\AVG
2016-05-26 14:17:44 -------- d---a-w- C:\ProgramData\Avg
2016-05-26 14:17:39 -------- d-----w- C:\ProgramData\Common Files
2016-05-26 14:02:12 -------- d-----w- C:\Users\Darryll\AppData\Local\Comms
2016-05-26 14:00:18 453288 ------w- C:\WINDOWS\System32\MpSigStub.exe
2016-05-26 13:57:58 -------- d-----w- C:\WINDOWS\System32\MRT
2016-05-26 13:55:59 7977472 ----a-w- C:\WINDOWS\System32\mos.dll
.
==================== Find3M ====================
.
2016-05-26 01:09:37 209408 ----a-w- C:\WINDOWS\SysWow64\msclmd.dll
2016-05-26 01:09:36 230912 ----a-w- C:\WINDOWS\System32\msclmd.dll
2016-05-18 16:13:36 307456 ----a-w- C:\WINDOWS\System32\drivers\avgidsdrivera.sys
2016-05-11 19:57:14 829944 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-05-11 19:57:14 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-05-06 04:53:48 95072 ----a-w- C:\WINDOWS\System32\drivers\sdport.sys
2016-05-06 04:05:35 241664 ----a-w- C:\WINDOWS\SysWow64\cryptngc.dll
2016-05-06 04:03:20 649216 ----a-w- C:\WINDOWS\System32\ngcsvc.dll
2016-05-06 03:53:21 351232 ----a-w- C:\WINDOWS\System32\NgcCtnr.dll
2016-05-06 03:49:14 289792 ----a-w- C:\WINDOWS\System32\NgcCtnrSvc.dll
2016-05-06 03:44:10 582656 ----a-w- C:\WINDOWS\System32\ngccredprov.dll
2016-05-06 03:43:46 320000 ----a-w- C:\WINDOWS\System32\cryptngc.dll
2016-05-06 03:23:53 76288 ----a-w- C:\WINDOWS\System32\ngcpopkeysrv.dll
2016-05-05 1534 247040 ----a-w- C:\WINDOWS\System32\drivers\avgmfx64.sys
2016-05-05 1532 71936 ----a-w- C:\WINDOWS\System32\drivers\avguniva.sys
2016-05-02 20:13:24 260352 ----a-w- C:\WINDOWS\System32\drivers\avgldx64.sys
2016-05-02 2054 51968 ----a-w- C:\WINDOWS\System32\drivers\avgrkx64.sys
2016-04-30 06:42:19 1387520 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2016-04-30 06:31:37 3591168 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2016-04-25 04:36:12 716928 ----a-w- C:\WINDOWS\System32\WinUSBCoInstaller.dll
2016-04-25 04:36:08 1499408 ----a-w- C:\WINDOWS\System32\WdfCoInstaller01007.dll
2016-04-23 06:12:45 294592 ----a-w- C:\WINDOWS\System32\invagent.dll
2016-04-23 06:12:45 190144 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2016-04-23 06:12:45 1401024 ----a-w- C:\WINDOWS\System32\appraiser.dll
2016-04-23 06:12:45 1184960 ----a-w- C:\WINDOWS\System32\aeinv.dll
2016-04-23 06:12:44 92352 ----a-w- C:\WINDOWS\System32\acmigration.dll
2016-04-23 06:12:44 713920 ----a-w- C:\WINDOWS\System32\generaltel.dll
2016-04-23 06:12:44 514752 ----a-w- C:\WINDOWS\System32\devinv.dll
2016-04-23 06:12:44 46784 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2016-04-23 05:28:43 1542816 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2016-04-23 05:28:40 1557768 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2016-04-23 05:26:12 707608 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2016-04-23 05:24:45 7474528 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-04-23 05:24:41 1997328 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2016-04-23 05:24:37 99680 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2016-04-23 05:24:37 638816 ----a-w- C:\WINDOWS\System32\drivers\fvevol.sys
2016-04-23 05:24:28 1819208 ----a-w- C:\WINDOWS\System32\ntdll.dll
2016-04-23 05:24:16 335712 ----a-w- C:\WINDOWS\System32\drivers\fastfat.sys
2016-04-23 05:24:13 754664 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2016-04-23 05:22:15 1161120 ----a-w- C:\WINDOWS\System32\rpcrt4.dll
2016-04-23 05:13:12 306832 ----a-w- C:\WINDOWS\SysWow64\wlanapi.dll
2016-04-23 05:13:01 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
2016-04-23 05:13:01 502104 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-04-23 05:12:48 413536 ----a-w- C:\WINDOWS\System32\wifitask.exe
2016-04-23 05:12:42 451928 ----a-w- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
2016-04-23 05:12:33 925064 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2016-04-23 05:11:52 390496 ----a-w- C:\WINDOWS\System32\wlanapi.dll
2016-04-23 05:11:44 696672 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-04-23 05:11:43 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-04-23 05:11:30 1092464 ----a-w- C:\WINDOWS\System32\mfplat.dll
2016-04-23 05:11:27 498960 ----a-w- C:\WINDOWS\System32\MFCaptureEngine.dll
2016-04-23 05:11:14 131424 ----a-w- C:\WINDOWS\System32\drivers\ufxsynopsys.sys
2016-04-23 05:10:41 330072 ----a-w- C:\WINDOWS\System32\drivers\pci.sys
2016-04-23 05:09:39 255168 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-04-23 05:09:36 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2016-04-23 05:09:27 5240960 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2016-04-23 05:09:18 569744 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2016-04-23 05:09:18 4074160 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2016-04-23 05:09:00 565600 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2016-04-23 05:09:00 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-04-23 05:08:45 6605504 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2016-04-23 05:08:41 725776 ----a-w- C:\WINDOWS\System32\SHCore.dll
2016-04-23 05:08:40 4515256 ----a-w- C:\WINDOWS\explorer.exe
2016-04-23 05:07:38 183904 ----a-w- C:\WINDOWS\SysWow64\rsaenh.dll
2016-04-23 05:07:34 1536088 ----a-w- C:\WINDOWS\SysWow64\crypt32.dll
2016-04-23 05:07:26 204048 ----a-w- C:\WINDOWS\System32\rsaenh.dll
2016-04-23 05:07:19 1848072 ----a-w- C:\WINDOWS\System32\crypt32.dll
2016-04-23 0557 291360 ----a-w- C:\WINDOWS\System32\wininit.exe
2016-04-23 05:02:02 188256 ----a-w- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
2016-04-23 05:01:54 217440 ----a-w- C:\WINDOWS\System32\AppxAllUserStore.dll
2016-04-23 05:01:25 619296 ----a-w- C:\WINDOWS\System32\d3d10level9.dll
2016-04-23 05:01:25 1996640 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-04-23 05:01:17 650304 ----a-w- C:\WINDOWS\System32\dxgi.dll
2016-04-23 05:01:15 393568 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-04-23 05:01:13 513368 ----a-w- C:\WINDOWS\SysWow64\d3d10level9.dll
2016-04-23 05:01:11 577368 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-04-23 05:01:10 522176 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2016-04-23 05:00:52 1776768 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2016-04-23 05:00:45 550656 ----a-w- C:\WINDOWS\System32\directmanipulation.dll
2016-04-23 05:00:45 1399224 ----a-w- C:\WINDOWS\System32\user32.dll
2016-04-23 05:00:43 1594920 ----a-w- C:\WINDOWS\System32\gdi32.dll
2016-04-23 05:00:43 1522152 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2016-04-23 05:00:40 453472 ----a-w- C:\WINDOWS\SysWow64\directmanipulation.dll
2016-04-23 05:00:35 1337240 ----a-w- C:\WINDOWS\SysWow64\user32.dll
2016-04-23 05:00:29 58208 ----a-w- C:\WINDOWS\System32\dwminit.dll
2016-04-23 05:00:29 1372304 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2016-04-23 04:56:52 534872 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2016-04-23 04:39:37 89088 ----a-w- C:\WINDOWS\System32\MapsCSP.dll
2016-04-23 04:35:38 66560 ----a-w- C:\WINDOWS\System32\MosHostClient.dll
2016-04-23 04:34:30 59392 ----a-w- C:\WINDOWS\System32\hmkd.dll
2016-04-23 04:34:19 67072 ----a-w- C:\WINDOWS\System32\drivers\usbser.sys
2016-04-23 04:33:59 63488 ----a-w- C:\WINDOWS\System32\drivers\UcmCx.sys
2016-04-23 04:33:58 65536 ----a-w- C:\WINDOWS\System32\drivers\UMDF\UcmCx.dll
2016-04-23 04:33:47 38400 ----a-w- C:\WINDOWS\System32\ByteCodeGenerator.exe
2016-04-23 04:33:36 89600 ----a-w- C:\WINDOWS\System32\NFCProvisioningPlugin.dll
2016-04-23 04:33:16 63488 ----a-w- C:\WINDOWS\System32\wshbth.dll
2016-04-23 04:32:22 134656 ----a-w- C:\WINDOWS\System32\wificonnapi.dll
2016-04-23 04:32:11 28672 ----a-w- C:\WINDOWS\System32\mapsupdatetask.dll
2016-04-23 04:32:01 69632 ----a-w- C:\WINDOWS\System32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-23 04:31:17 50176 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
.
============= FINISH: 10:45:50.55 ===============

-Attach.txt-


Thanks in advance.
Attached Files
File Type: txt attach.txt (11.3 KB, 32 views)
dmath1n is offline  
Old 06-14-2016, 08:46 AM   #14
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10



my machine is very infected! what do I do now?
dmath1n is offline  
Old 06-14-2016, 09:06 AM   #15
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, dmath1n. I merged this thread with your last one.

Were you planning on responding to the other thread, or did you just abandon it?

I'm not keen on taking on a thread where the user doesn't follow through with all the instructions to the end.

------------------------------------------------------

It appears you installed AVG again. You do not want more than 1 antivirus installed on your machine.

Don't uninstall any AVG products yet, some are likely hidden from Programs and Features. We'll do it later.

------------------------------------------------------

Delete AdwCleaner and FRST64 from you desktop, if they are still there.

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan
  • Once the Scan is done, select Clean
  • Once done it will ask to reboot, please allow the reboot.
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 06-14-2016, 03:41 PM   #16
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10



Thanks,
I wasn't going to abandon it i was just working on my phone and restoring all my passwords from emails and financials.
I do appropriate all you are doing for me and will donate for sure.

==ADWCLEANER Log==
# AdwCleaner v5.200 - Logfile created 14/06/2016 at 1812
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-14.1 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : Darryll - DARRYLL-PC
# Running from : C:\Users\Darryll\Desktop\AdwCleaner.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : WtuSystemSupport
[-] Service Deleted : vToolbarUpdater40.3.1

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\avg web tuneup
[#] Folder Deleted : C:\ProgramData\Application Data\avg web tuneup
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[-] Folder Deleted : C:\Program Files (x86)\DriverToolkit
[-] Folder Deleted : C:\Program Files (x86)\avg web tuneup
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Users\Darryll\AppData\Local\DriverToolkit
[-] Folder Deleted : C:\Users\Darryll\AppData\Local\avg web tuneup
[-] Folder Deleted : C:\Program Files\avg web tuneup
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

***** [ Files ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\s
[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\csastats
[-] Key Deleted : HKLM\SOFTWARE\AVG Tuneup
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\WtuSystemSupport
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\vToolbarUpdater40.3.1

***** [ Web browsers ] *****


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4415 bytes] - [14/06/2016 1812]
C:\AdwCleaner\AdwCleaner[S1].txt - [4370 bytes] - [14/06/2016 18:04:10]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4561 bytes] ##########

Thanks again!
dmath1n is offline  
Old 06-14-2016, 05:29 PM   #17
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10


Roll Eyes

First text...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2016
Ran by Darryll (administrator) on DARRYLL-PC (14-06-2016 18:57:16)
Running from C:\Users\Darryll\Desktop
Loaded Profiles: Darryll (Available Profiles: Darryll)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Adobe Systems, Inc.) C:\Windows\syswow64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Adobe Systems, Inc.) C:\Windows\syswow64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
HKU\S-1-5-21-3114928826-3543099305-1459852935-1000\...\RunOnce: [Uninstall C:\Users\Darryll\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Darryll\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-05-26]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-05-26]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-05-26]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f9d7127e-61b5-4f4d-a765-aebd44c2e6fc}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9ededb0f
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9ededb0f
HKU\S-1-5-21-3114928826-3543099305-1459852935-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9ededb0f&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9ededb0f&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9ededb0f&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9ededb0f&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3114928826-3543099305-1459852935-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3114928826-3543099305-1459852935-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3114928826-3543099305-1459852935-1000 -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-9ededb0f&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll => No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Darryll\AppData\Roaming\Mozilla\Firefox\Profiles\w1mo8qx5.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Search Provided by Bing
FF SelectedSearchEngine: Search Provided by Bing
FF Homepage: about:home
FF Keyword.URL: user_pref("keyword.URL", true);
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-26] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-26] ()
FF Extension: Text Link - C:\Users\Darryll\AppData\Roaming\Mozilla\Firefox\Profiles\w1mo8qx5.default\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2016-05-26]
FF Extension: IMDB Search - C:\Users\Darryll\AppData\Roaming\Mozilla\Firefox\Profiles\w1mo8qx5.default\extensions\{c4080853-c699-4120-b8e0-618bff8a4474}.xpi [2016-05-30]
FF Extension: AdBlocker Ultimate - C:\Users\Darryll\AppData\Roaming\Mozilla\Firefox\Profiles\w1mo8qx5.default\Extensions\[email protected] [2016-05-26]
FF Extension: URL Fixer - C:\Users\Darryll\AppData\Roaming\Mozilla\Firefox\Profiles\w1mo8qx5.default\Extensions\{0fa2149e-bb2c-4ac2-a8d3-479599819475}.xpi [2016-06-12]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Darryll\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Darryll\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-11]
CHR Extension: (Google Drive) - C:\Users\Darryll\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Darryll\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-11]
CHR Extension: (Gmail) - C:\Users\Darryll\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-11]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - <no Path/update_url>
CHR HKU\S-1-5-21-3114928826-3543099305-1459852935-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - <no Path/update_url>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080592 2016-05-18] (AVG Technologies CZ, s.r.o.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-08-18] (Intel Corporation)
S4 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [194624 2016-02-10] (Intel Corporation)
R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2504192 2015-10-30] (MediaTek Inc.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-14 18:57 - 2016-06-14 18:57 - 00009958 _____ C:\Users\Darryll\Desktop\FRST.txt
2016-06-14 18:56 - 2016-06-14 18:56 - 02385920 _____ (Farbar) C:\Users\Darryll\Desktop\FRST64.exe
2016-06-14 18:03 - 2016-06-14 18:06 - 00000000 ____D C:\AdwCleaner
2016-06-14 18:03 - 2016-06-14 18:03 - 03703360 _____ C:\Users\Darryll\Desktop\AdwCleaner.exe
2016-06-14 17:36 - 2016-06-14 17:36 - 00001358 _____ C:\Users\Darryll\Downloads\protocol.txt
2016-06-14 15:33 - 2016-05-28 02:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-14 15:33 - 2016-05-28 02:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-14 15:33 - 2016-05-28 01:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-14 15:33 - 2016-05-28 01:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-14 15:33 - 2016-05-28 00:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-14 15:33 - 2016-05-28 00:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-14 15:33 - 2016-05-28 00:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-14 15:33 - 2016-05-28 00:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-14 15:33 - 2016-05-28 00:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-14 15:33 - 2016-05-28 00:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-14 15:33 - 2016-05-28 00:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-14 15:33 - 2016-05-28 00:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-14 15:33 - 2016-05-28 00:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-14 15:33 - 2016-05-28 00:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-14 15:33 - 2016-05-28 00:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-14 15:33 - 2016-05-28 00:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-14 15:33 - 2016-05-28 00:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-14 15:33 - 2016-05-28 00:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-14 15:33 - 2016-05-28 00:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-14 15:33 - 2016-05-28 00:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-14 15:33 - 2016-05-28 00:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-14 15:33 - 2016-05-28 00:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-14 15:33 - 2016-05-28 00:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-14 15:33 - 2016-05-28 00:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-14 15:33 - 2016-05-28 00:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-14 15:33 - 2016-05-28 00:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-14 15:33 - 2016-05-28 00:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-14 15:33 - 2016-05-28 00:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-14 15:33 - 2016-05-28 00:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-14 15:33 - 2016-05-28 00:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-14 15:33 - 2016-05-28 00:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-14 15:33 - 2016-05-28 00:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-14 15:33 - 2016-05-28 00:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-14 15:33 - 2016-05-28 00:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-14 15:33 - 2016-05-28 00:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-14 15:33 - 2016-05-28 00:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-14 15:33 - 2016-05-28 00:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-14 15:33 - 2016-05-28 00:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-14 15:33 - 2016-05-28 00:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-14 15:33 - 2016-05-28 00:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-14 15:33 - 2016-05-28 00:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-14 15:33 - 2016-05-28 00:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-14 15:33 - 2016-05-28 00:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-14 15:33 - 2016-05-28 00:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-14 15:33 - 2016-05-28 00:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-14 15:33 - 2016-05-28 00:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-14 15:33 - 2016-05-28 00:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 15:33 - 2016-05-28 00:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-14 15:33 - 2016-05-27 23:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-14 15:33 - 2016-05-27 23:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-14 15:32 - 2016-05-28 02:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-14 15:32 - 2016-05-28 02:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-14 15:32 - 2016-05-28 02:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-14 15:32 - 2016-05-28 02:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-14 15:32 - 2016-05-28 01:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-14 15:32 - 2016-05-28 01:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-14 15:32 - 2016-05-28 01:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-14 15:32 - 2016-05-28 01:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-14 15:32 - 2016-05-28 01:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-14 15:32 - 2016-05-28 01:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-14 15:32 - 2016-05-28 01:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-14 15:32 - 2016-05-28 01:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-14 15:32 - 2016-05-28 01:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-14 15:32 - 2016-05-28 01:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-14 15:32 - 2016-05-28 01:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-14 15:32 - 2016-05-28 01:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-14 15:32 - 2016-05-28 01:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-14 15:32 - 2016-05-28 01:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-14 15:32 - 2016-05-28 01:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-14 15:32 - 2016-05-28 01:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-14 15:32 - 2016-05-28 01:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-14 15:32 - 2016-05-28 01:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-14 15:32 - 2016-05-28 01:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-14 15:32 - 2016-05-28 01:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-14 15:32 - 2016-05-28 01:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-14 15:32 - 2016-05-28 01:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-14 15:32 - 2016-05-28 01:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-14 15:32 - 2016-05-28 01:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-14 15:32 - 2016-05-28 01:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 15:32 - 2016-05-28 01:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-14 15:32 - 2016-05-28 01:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-14 15:32 - 2016-05-28 01:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-14 15:32 - 2016-05-28 01:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-14 15:32 - 2016-05-28 01:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-14 15:32 - 2016-05-28 01:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-14 15:32 - 2016-05-28 01:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-14 15:32 - 2016-05-28 01:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-14 15:32 - 2016-05-28 01:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-14 15:32 - 2016-05-28 01:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-14 15:32 - 2016-05-28 00:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-14 15:32 - 2016-05-28 00:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-14 15:32 - 2016-05-28 00:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-14 15:32 - 2016-05-28 00:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-14 15:32 - 2016-05-28 00:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-14 15:32 - 2016-05-28 00:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-14 15:32 - 2016-05-28 00:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-14 15:32 - 2016-05-28 00:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-14 15:32 - 2016-05-28 00:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-14 15:32 - 2016-05-28 00:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-14 15:32 - 2016-05-28 00:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-14 15:32 - 2016-05-28 00:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-14 15:32 - 2016-05-28 00:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-14 15:32 - 2016-05-28 00:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-14 15:32 - 2016-05-28 00:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-14 15:32 - 2016-05-28 00:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-14 15:32 - 2016-05-28 00:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-06-14 15:32 - 2016-05-28 00:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-06-14 15:32 - 2016-05-28 00:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-14 15:32 - 2016-05-28 00:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-14 15:32 - 2016-05-28 00:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-14 15:32 - 2016-05-28 00:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-14 15:32 - 2016-05-28 00:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-14 15:32 - 2016-05-28 00:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-14 15:32 - 2016-05-28 00:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-14 15:32 - 2016-05-28 00:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-14 15:32 - 2016-05-28 00:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-14 15:32 - 2016-05-28 00:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-14 15:32 - 2016-05-28 00:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-14 15:32 - 2016-05-28 00:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-14 15:32 - 2016-05-28 00:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-14 15:32 - 2016-05-28 00:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-14 15:32 - 2016-05-28 00:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-14 15:32 - 2016-05-28 00:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-14 15:32 - 2016-05-28 00:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-14 15:32 - 2016-05-28 00:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-14 15:32 - 2016-05-28 00:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-14 15:32 - 2016-05-28 00:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-14 15:32 - 2016-05-28 00:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-06-14 15:32 - 2016-05-28 00:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-14 15:32 - 2016-05-28 00:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-14 15:32 - 2016-05-28 00:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-14 15:32 - 2016-05-28 00:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-14 15:32 - 2016-05-28 00:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-14 15:32 - 2016-05-28 00:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-14 15:32 - 2016-05-28 00:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-14 15:32 - 2016-05-28 00:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-14 15:32 - 2016-05-28 00:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-14 15:32 - 2016-05-28 00:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-14 15:32 - 2016-05-28 00:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-14 15:32 - 2016-05-28 00:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-14 15:32 - 2016-05-28 00:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-06-14 15:32 - 2016-05-28 00:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-14 15:32 - 2016-05-28 00:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-14 15:32 - 2016-05-28 00:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-14 15:32 - 2016-05-28 00:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-14 15:32 - 2016-05-28 00:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-14 15:32 - 2016-05-28 00:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-14 15:32 - 2016-05-28 00:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-14 15:32 - 2016-05-28 00:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-14 15:32 - 2016-05-28 00:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-14 15:32 - 2016-05-28 00:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-14 15:32 - 2016-05-28 00:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-14 15:32 - 2016-05-28 00:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-14 15:32 - 2016-05-28 00:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-14 15:32 - 2016-05-28 00:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-14 15:32 - 2016-05-28 00:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-14 15:32 - 2016-05-28 00:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-14 15:32 - 2016-05-28 00:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-14 15:32 - 2016-05-28 00:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-14 15:32 - 2016-05-28 00:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-14 15:32 - 2016-05-28 00:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-14 15:32 - 2016-05-28 00:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-14 15:32 - 2016-05-28 00:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-06-14 15:32 - 2016-05-28 00:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-14 15:32 - 2016-05-28 00:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-14 15:32 - 2016-05-28 00:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-14 15:32 - 2016-05-28 00:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-14 15:32 - 2016-05-28 00:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-14 15:32 - 2016-05-28 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-14 15:32 - 2016-05-28 00:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-14 15:32 - 2016-05-28 00:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-14 15:32 - 2016-05-28 00:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-14 15:32 - 2016-05-28 00:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-14 15:32 - 2016-05-28 00:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-14 15:32 - 2016-05-28 00:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-14 15:32 - 2016-05-28 00:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-14 15:32 - 2016-05-28 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-14 15:32 - 2016-05-28 00:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-14 15:32 - 2016-05-28 00:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-14 15:32 - 2016-05-28 00:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-14 15:32 - 2016-05-28 00:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-14 15:32 - 2016-05-28 00:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-14 15:32 - 2016-05-28 00:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-14 15:32 - 2016-05-28 00:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-14 15:32 - 2016-05-28 00:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-14 15:32 - 2016-05-28 00:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-14 15:32 - 2016-05-28 00:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-14 15:32 - 2016-05-28 00:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-14 15:32 - 2016-05-28 00:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-14 15:32 - 2016-05-28 00:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-14 15:32 - 2016-05-28 00:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-14 15:32 - 2016-05-28 00:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-14 15:32 - 2016-05-28 00:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-14 15:32 - 2016-05-28 00:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-14 15:32 - 2016-05-28 00:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-14 15:32 - 2016-05-28 00:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 15:32 - 2016-05-28 00:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-14 15:32 - 2016-05-28 00:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-14 15:32 - 2016-05-28 00:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-14 15:32 - 2016-05-28 00:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-14 15:32 - 2016-05-28 00:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-14 15:32 - 2016-05-28 00:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-14 15:32 - 2016-05-28 00:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-14 15:32 - 2016-05-28 00:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-14 15:32 - 2016-05-28 00:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 15:32 - 2016-05-28 00:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-14 15:32 - 2016-05-28 00:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-14 15:32 - 2016-05-28 00:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-14 15:32 - 2016-05-28 00:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-14 15:32 - 2016-05-28 00:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-14 15:32 - 2016-05-28 00:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-14 15:32 - 2016-05-28 00:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-14 15:32 - 2016-05-28 00:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-14 15:32 - 2016-05-28 00:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-14 15:32 - 2016-05-28 00:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-14 15:32 - 2016-05-27 23:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-14 15:32 - 2016-05-27 23:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-14 15:32 - 2016-05-27 23:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-14 15:32 - 2016-05-27 23:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-14 15:32 - 2016-05-27 23:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-14 15:32 - 2016-05-27 23:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-14 15:32 - 2016-05-27 23:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-13 16:31 - 2016-06-13 16:32 - 00002628 _____ C:\RannohDecryptor.1.9.1.1_13.06.2016_16.31.27_log.txt
2016-06-13 15:23 - 2016-06-13 15:23 - 00000000 ____D C:\Users\Darryll\Documents\New folder
2016-06-13 15:22 - 2016-06-13 15:23 - 00002628 _____ C:\RannohDecryptor.1.9.1.1_13.06.2016_15.22.19_log.txt
2016-06-13 12:45 - 2016-06-14 18:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-13 11:17 - 2016-06-13 11:17 - 00000000 ___HD C:\OneDriveTemp
2016-06-13 10:53 - 2016-06-13 10:53 - 00000000 ____D C:\Users\Darryll\AppData\Local\MFAData
2016-06-13 10:50 - 2016-06-13 10:53 - 00000000 ____D C:\Users\Darryll\AppData\Local\AvgSetupLog
2016-06-13 09:10 - 2016-06-13 09:10 - 00000000 ____D C:\Users\Darryll\Documents\META-INF
2016-06-13 09:09 - 2016-06-13 09:09 - 00000000 ____D C:\Users\Darryll\Documents\assets
2016-06-13 09:00 - 2016-06-13 09:00 - 00001958 _____ C:\RannohDecryptor.1.9.1.1_13.06.2016_09.00.20_log.txt
2016-06-13 08:40 - 2016-06-13 08:55 - 00002608 _____ C:\RannohDecryptor.1.9.1.1_13.06.2016_08.40.08_log.txt
2016-06-13 08:37 - 2016-06-13 08:39 - 00002434 _____ C:\RannohDecryptor.1.9.1.1_13.06.2016_08.37.02_log.txt
2016-06-13 08:36 - 2016-06-13 08:36 - 00002046 _____ C:\RannohDecryptor.1.9.1.1_13.06.2016_08.36.44_log.txt
2016-06-13 08:09 - 2016-06-13 08:10 - 00002240 _____ C:\RannohDecryptor.1.9.1.1_13.06.2016_08.09.53_log.txt
2016-06-13 08:09 - 2016-06-13 08:09 - 00000344 __RSH C:\ProgramData\ntuser.pol
2016-06-13 06:42 - 2016-06-13 06:42 - 00002240 _____ C:\RannohDecryptor.1.9.1.1_13.06.2016_06.42.05_log.txt
2016-06-13 06:31 - 2016-06-13 06:31 - 00000000 ____D C:\Users\Darryll\AppData\Local\Microsoft_Corporation
2016-06-13 06:23 - 2016-06-13 06:39 - 00002512 _____ C:\RannohDecryptor.1.9.1.1_13.06.2016_06.23.46_log.txt
2016-06-13 06:21 - 2016-06-13 06:21 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Macromedia
2016-06-13 06:03 - 2016-06-13 06:03 - 00000000 ____D C:\Users\Darryll\AppData\Local\NetworkTiles
2016-06-13 05:57 - 2016-06-13 05:57 - 1266009563 _____ C:\WINDOWS\MEMORY.DMP
2016-06-13 05:57 - 2016-06-13 05:57 - 00677292 _____ C:\WINDOWS\Minidump\061316-32578-01.dmp
2016-06-13 05:57 - 2016-06-13 05:57 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-12 21:04 - 2016-06-13 11:15 - 00000000 ____D C:\Users\Darryll\AppData\Local\Avg
2016-06-12 18:55 - 2016-06-12 18:55 - 00000000 ____D C:\Users\Darryll\AppData\Local\Apps\2.0
2016-06-12 17:56 - 2016-06-12 17:56 - 00000000 ___DL C:\Users\Darryll\Documents\b
2016-06-12 15:58 - 2016-06-12 20:55 - 00000000 ____D C:\Program Files (x86)\TeslaDecoder
2016-06-12 14:10 - 2016-06-12 14:10 - 00000000 ____D C:\Users\Darryll\AppData\Local\NVIDIA
2016-06-12 13:50 - 2016-06-12 20:55 - 00000000 ____D C:\WINDOWS\Cluster
2016-06-12 13:50 - 2016-06-12 13:50 - 00000000 ____D C:\WINDOWS\SysWOW64\ipam
2016-06-12 13:50 - 2016-06-12 13:50 - 00000000 ____D C:\WINDOWS\system32\ipam
2016-06-12 13:07 - 2016-06-12 13:07 - 00027055 _____ C:\Users\Darryll\Downloads\Shortcut.txt
2016-06-12 13:05 - 2016-06-12 20:55 - 00000000 ____D C:\Users\Darryll\Downloads\FRST-OlderVersion
2016-06-12 12:10 - 2016-06-12 12:10 - 00001036 _____ C:\Users\Darryll\rollbackinfo.scp
2016-06-12 08:30 - 2016-06-12 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2016-06-12 08:30 - 2016-06-12 08:30 - 00000000 ____D C:\Program Files\EaseUS
2016-06-11 21:24 - 2016-06-11 21:24 - 00000000 ____D C:\Tweaking.com_Windows_Repair_Logs
2016-06-11 13:57 - 2016-06-11 13:58 - 00002318 _____ C:\RannohDecryptor.1.9.1.1_11.06.2016_13.57.25_log.txt
2016-06-11 13:38 - 2016-06-11 13:40 - 00003016 _____ C:\RannohDecryptor.1.9.1.1_11.06.2016_13.38.13_log.txt
2016-06-11 13:36 - 2016-06-11 13:36 - 00002046 _____ C:\RannohDecryptor.1.9.1.1_11.06.2016_13.36.35_log.txt
2016-06-11 11:50 - 2015-11-09 22:31 - 03369288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-11 11:46 - 2016-06-12 20:55 - 00000000 ____D C:\Program Files\7-Zip
2016-06-11 11:43 - 2016-06-11 11:45 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-06-11 11:28 - 2016-06-11 11:28 - 00000000 ____D C:\Users\Public\Thunder Network
2016-06-11 11:28 - 2016-06-11 11:28 - 00000000 ____D C:\ProgramData\Thunder Network
2016-06-11 11:27 - 2016-06-12 10:05 - 00000000 ____D C:\Program Files (x86)\OSTotoSoft
2016-06-11 11:27 - 2016-06-11 11:27 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\DriverTalent
2016-06-11 11:27 - 2016-06-11 11:27 - 00000000 ____D C:\ProgramData\DriverTalent
2016-06-11 11:27 - 2016-06-11 11:27 - 00000000 ____D C:\OSTotoFolder
2016-06-11 11:07 - 2016-06-12 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2016-06-11 11:07 - 2016-06-12 20:55 - 00000000 ____D C:\Program Files\IDT
2016-06-11 11:07 - 2016-06-11 11:07 - 00000000 ____D C:\ProgramData\SoundResearch
2016-06-11 10:31 - 2016-06-12 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2016-06-11 10:31 - 2016-06-12 20:55 - 00000000 ____D C:\Program Files\Recuva
2016-06-11 10:31 - 2016-06-11 10:31 - 00000000 ____D C:\Users\Darryll\AppData\Local\Google
2016-06-11 10:31 - 2016-06-11 10:31 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-06 20:15 - 2016-06-06 20:15 - 00000218 _____ C:\Users\Darryll\AppData\Local\recently-used.xbel
2016-06-06 11:45 - 2016-06-13 06:39 - 00000000 ____D C:\Users\Darryll\.zenmap
2016-06-06 11:44 - 2016-06-12 20:55 - 00000000 ____D C:\Program Files\WinPcap
2016-06-06 11:39 - 2016-06-12 20:56 - 00000000 ____D C:\Program Files (x86)\Nmap
2016-06-03 21:35 - 2016-06-12 20:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-03 21:35 - 2016-06-03 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-03 17:21 - 2016-06-03 17:21 - 00000000 ____D C:\WINDOWS\SysWOW64\ivtMobCache
2016-06-03 17:11 - 2016-06-03 21:30 - 00000000 ____D C:\Users\Darryll\Downloads\The Brothers Grimsby 2016 1080p BluRay x264 AAC 5.1 - Hon3y
2016-06-03 17:02 - 2016-06-11 10:40 - 00000000 ____D C:\Users\Darryll\AppData\LocalLow\uTorrent
2016-06-03 17:02 - 2016-06-03 21:29 - 00000000 ____D C:\Users\Darryll\Downloads\Before.I.Wake.2016.HC.HDRip.XviD.AC3-EVO
2016-06-03 16:24 - 2016-06-03 16:24 - 00861116 _____ C:\Users\Darryll\Desktop\yahoo_contacts.vcf
2016-06-03 12:18 - 2016-06-03 12:18 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2016-06-03 12:18 - 2016-06-03 12:18 - 00000000 ____D C:\ProgramData\Documents\Logishrd
2016-06-03 12:17 - 2016-06-03 12:18 - 00000000 ____D C:\ProgramData\Logishrd
2016-06-03 12:17 - 2016-06-03 12:17 - 00000000 ____D C:\Program Files\Logitech
2016-06-03 12:17 - 2016-06-03 12:17 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2016-06-03 12:16 - 2016-06-13 16:37 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Logishrd
2016-06-03 12:16 - 2016-06-03 12:18 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Logitech
2016-06-03 10:57 - 2016-06-03 10:57 - 00000000 ____D C:\Users\Darryll\Documents\Bluetooth
2016-06-03 10:50 - 2016-06-03 10:50 - 00000000 ____D C:\Program Files (x86)\Ralink Corporation
2016-06-03 10:19 - 2016-06-03 10:20 - 00005310 _____ C:\IFRToolLog.txt
2016-06-03 10:18 - 2016-06-03 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-03 10:18 - 2016-06-03 10:18 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-03 09:55 - 2016-06-03 09:55 - 00000000 ____D C:\Users\Darryll\AppData\Local\Intel
2016-06-03 09:54 - 2016-06-03 10:18 - 00000000 ____D C:\ProgramData\Intel
2016-06-03 08:57 - 2016-06-03 08:57 - 00000000 ____D C:\Users\Darryll\Downloads\ftp%3a%2f%2fftp.gtlib.gatech.edu%2fpub%2fcygwin%2f
2016-06-02 17:18 - 2016-06-02 17:33 - 00000000 ____D C:\Program Files (x86)\Temp
2016-06-02 11:54 - 2016-06-02 11:54 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-06-02 11:40 - 2016-06-02 11:40 - 00000503 _____ C:\Users\Darryll\Downloads\setup.log.full
2016-06-02 11:39 - 2016-06-02 11:39 - 00000000 ____D C:\Users\Darryll\Downloads\http%3a%2f%2fcygwin.mirror.constant.com%2f
2016-06-02 11:37 - 2016-06-12 20:56 - 00000000 ____D C:\cygwin64
2016-06-02 10:25 - 2016-06-02 10:54 - 00000275 _____ C:\Users\Darryll\Desktop\New Text Document.txt
2016-06-01 17:39 - 2016-06-01 18:40 - 00000000 ____D C:\KVRT_Data
2016-06-01 16:59 - 2016-06-01 16:59 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\QuickScan
2016-06-01 10:12 - 2016-06-01 10:12 - 00000000 ____D C:\ProgramData\Cisco Systems
2016-05-29 09:36 - 2016-06-14 18:13 - 00000000 __SHD C:\Users\Darryll\IntelGraphicsProfiles
2016-05-28 19:44 - 2015-08-18 02:27 - 00091128 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-05-28 19:41 - 2016-06-14 18:13 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-28 19:41 - 2016-05-28 19:41 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-05-28 10:19 - 2016-06-13 15:44 - 00000000 ____D C:\Users\Darryll\AppData\Local\ElevatedDiagnostics
2016-05-28 08:40 - 2016-05-28 08:40 - 00000017 _____ C:\Users\Darryll\AppData\Local\resmon.resmoncfg
2016-05-28 08:28 - 2016-05-28 08:28 - 00000000 ____D C:\recuva
2016-05-28 08:27 - 2016-06-14 09:00 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\WinZip
2016-05-28 08:12 - 2016-05-26 20:39 - 00000030 _____ C:\AVScanner.ini
2016-05-27 13:04 - 2016-05-27 13:04 - 00000907 _____ C:\Users\Darryll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-05-27 13:03 - 2016-05-27 13:04 - 00000000 ____D C:\Tor
2016-05-27 09:11 - 2016-06-13 22:01 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0C8292E5-4881-4616-8A51-4EA00FE97FF7}
2016-05-26 20:56 - 2016-05-26 20:56 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\WinBatch
2016-05-26 20:53 - 2016-05-26 20:53 - 00000000 ____D C:\Users\Darryll\Downloads\HP Downloads
2016-05-26 20:49 - 2016-05-26 20:49 - 00000000 ____D C:\Users\Darryll\AppData\Local\CEF
2016-05-26 20:48 - 2016-05-26 20:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-05-26 20:47 - 2016-06-12 20:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-26 20:47 - 2016-06-12 20:56 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-05-26 20:47 - 2016-06-12 20:25 - 00000000 ____D C:\Program Files\Intel
2016-05-26 20:39 - 2016-05-26 20:39 - 00000000 ____D C:\Users\Darryll\AppData\Local\Macromedia
2016-05-26 20:39 - 2016-05-26 20:39 - 00000000 ____D C:\Users\Darryll\AppData\Local\Adobe
2016-05-26 18:40 - 2016-06-12 22:28 - 00003262 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDarryll
2016-05-26 18:40 - 2016-06-12 22:28 - 00000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDarryll.job
2016-05-26 18:39 - 2016-05-26 20:52 - 00000000 ____D C:\Users\Darryll\AppData\Local\Hewlett-Packard
2016-05-26 18:39 - 2016-05-26 19:14 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Hewlett-Packard
2016-05-26 18:08 - 2016-05-27 16:28 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-05-26 18:08 - 2016-05-26 18:08 - 00000000 ____D C:\System.sav
2016-05-26 18:08 - 2016-05-26 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-05-26 18:07 - 2016-06-02 17:24 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2016-05-26 17:41 - 2016-05-26 17:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-05-26 17:39 - 2016-05-26 17:39 - 00000000 ____D C:\Users\Darryll\AppData\Local\PeerDistRepub
2016-05-26 17:30 - 2016-06-12 20:56 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2016-05-26 17:30 - 2016-06-12 20:25 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-05-26 16:59 - 2016-05-26 16:59 - 00000000 ____D C:\ProgramData\UniqueId
2016-05-26 16:58 - 2016-06-14 09:00 - 00000000 ____D C:\Program Files\WinZip
2016-05-26 16:58 - 2016-06-13 11:09 - 00000000 ____D C:\Users\Darryll\AppData\Local\WinZip
2016-05-26 16:58 - 2016-06-13 08:09 - 00003616 _____ C:\WINDOWS\System32\Tasks\WinZipBackGroundToolsTask
2016-05-26 16:58 - 2016-06-13 06:22 - 00000000 ____D C:\ProgramData\WinZip
2016-05-26 16:58 - 2016-06-12 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2016-05-26 16:58 - 2016-05-26 16:58 - 00002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
2016-05-26 16:58 - 2016-05-26 16:58 - 00002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip BG Tools.lnk
2016-05-26 16:58 - 2016-05-26 16:58 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2016-05-26 16:58 - 2016-05-26 16:58 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2016-05-26 13:31 - 2016-05-26 13:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-26 12:09 - 2016-06-13 10:50 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\uTorrent
2016-05-26 12:09 - 2016-05-26 12:09 - 02530304 _____ (BitTorrent Inc.) C:\Users\Darryll\Downloads\uTorrent.exe
2016-05-26 11:48 - 2016-05-26 11:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-05-26 11:48 - 2016-05-26 11:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-05-26 11:37 - 2016-05-26 11:37 - 00000000 ____D C:\Program Files\SAMSUNG
2016-05-26 11:37 - 2016-04-25 00:35 - 00221824 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2016-05-26 11:37 - 2016-04-25 00:35 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2016-05-26 11:27 - 2016-06-12 13:07 - 00027166 _____ C:\Users\Darryll\Downloads\Addition.txt
2016-05-26 11:27 - 2016-05-26 11:27 - 00000000 ____D C:\ProgramData\Samsung
2016-05-26 11:26 - 2016-06-14 18:57 - 00000000 ____D C:\FRST
2016-05-26 11:26 - 2016-06-12 13:07 - 00146933 _____ C:\Users\Darryll\Downloads\FRST.txt
2016-05-26 11:26 - 2016-05-26 11:26 - 02383360 _____ (Farbar) C:\Users\Darryll\Downloads\FRST64.exe
2016-05-26 10:25 - 2016-05-26 10:31 - 00000000 ____D C:\Users\Darryll\AppData\Local\Mozilla
2016-05-26 10:25 - 2016-05-26 10:25 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-26 10:25 - 2016-05-26 10:25 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-05-26 10:25 - 2016-05-26 10:25 - 00001220 _____ C:\ProgramData\Desktop\Mozilla Firefox.lnk
2016-05-26 10:25 - 2016-05-26 10:25 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Mozilla
2016-05-26 10:23 - 2016-06-12 20:56 - 00000000 ____D C:\ProgramData\Avg_Update_0516piz
2016-05-26 10:23 - 2016-05-26 10:24 - 44584344 _____ C:\Users\Darryll\Downloads\Firefox Setup 46.0.1 (1).exe
2016-05-26 10:23 - 2016-05-26 10:23 - 44584344 _____ C:\Users\Darryll\Downloads\Firefox Setup 46.0.1.exe
2016-05-26 10:22 - 2016-06-12 20:56 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\AVG
2016-05-26 10:21 - 2016-06-13 11:15 - 00000000 ____D C:\ProgramData\MFAData
2016-05-26 10:18 - 2016-06-13 11:15 - 00000000 ____D C:\Program Files (x86)\AVG
2016-05-26 10:18 - 2016-06-12 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-05-26 10:17 - 2016-06-13 11:15 - 00000000 ____D C:\ProgramData\Avg
2016-05-26 10:02 - 2016-05-26 10:50 - 00000000 ____D C:\Users\Darryll\AppData\Local\Comms
2016-05-26 10:00 - 2016-04-22 03:57 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-05-26 09:57 - 2016-06-14 17:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-26 09:57 - 2016-06-14 17:50 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-26 09:56 - 2016-04-23 01:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-26 09:56 - 2016-04-23 00:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-26 09:56 - 2016-03-29 01:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-05-26 09:56 - 2016-02-24 05:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-05-26 09:56 - 2016-02-24 01:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-05-26 09:56 - 2016-02-24 01:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-05-26 09:56 - 2016-02-23 06:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-05-26 09:56 - 2016-02-23 05:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-05-26 09:56 - 2016-02-23 02:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-05-26 09:56 - 2016-02-23 02:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-05-26 09:55 - 2016-05-06 00:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-26 09:55 - 2016-05-06 00:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-26 09:55 - 2016-05-06 00:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-26 09:55 - 2016-05-05 23:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-26 09:55 - 2016-05-05 23:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-26 09:55 - 2016-05-05 23:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-26 09:55 - 2016-05-05 23:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-26 09:55 - 2016-04-23 02:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-26 09:55 - 2016-04-23 02:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
Attached Files
File Type: txt Addition.txt (17.3 KB, 33 views)
dmath1n is offline  
Old 06-14-2016, 05:29 PM   #18
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10



2016-05-26 09:55 - 2016-04-23 01:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-26 09:55 - 2016-04-23 01:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-26 09:55 - 2016-04-23 01:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-26 09:55 - 2016-04-23 01:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-26 09:55 - 2016-04-23 01:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-26 09:55 - 2016-04-23 01:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-26 09:55 - 2016-04-23 01:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-26 09:55 - 2016-04-23 01:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-26 09:55 - 2016-04-23 01:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-26 09:55 - 2016-04-23 01:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-26 09:55 - 2016-04-23 01:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-26 09:55 - 2016-04-23 01:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-26 09:55 - 2016-04-23 01:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-26 09:55 - 2016-04-23 01:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-26 09:55 - 2016-04-23 01:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-26 09:55 - 2016-04-23 01:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-26 09:55 - 2016-04-23 01:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-26 09:55 - 2016-04-23 01:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-26 09:55 - 2016-04-23 01:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-26 09:55 - 2016-04-23 01:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-26 09:55 - 2016-04-23 01:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-26 09:55 - 2016-04-23 01:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-26 09:55 - 2016-04-23 01:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-26 09:55 - 2016-04-23 01:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-26 09:55 - 2016-04-23 01:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-26 09:55 - 2016-04-23 01:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-26 09:55 - 2016-04-23 01:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-26 09:55 - 2016-04-23 01:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-26 09:55 - 2016-04-23 01:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-26 09:55 - 2016-04-23 01:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-26 09:55 - 2016-04-23 01:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-26 09:55 - 2016-04-23 01:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-26 09:55 - 2016-04-23 01:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-26 09:55 - 2016-04-23 01:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-26 09:55 - 2016-04-23 01:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-26 09:55 - 2016-04-23 00:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-26 09:55 - 2016-04-23 00:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-26 09:55 - 2016-04-23 00:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-26 09:55 - 2016-04-23 00:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-26 09:55 - 2016-04-23 00:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-26 09:55 - 2016-04-23 00:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-26 09:55 - 2016-04-23 00:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-26 09:55 - 2016-04-23 00:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-26 09:55 - 2016-04-23 00:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-26 09:55 - 2016-04-23 00:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-26 09:55 - 2016-04-23 00:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-26 09:55 - 2016-04-23 00:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-26 09:55 - 2016-04-23 00:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-26 09:55 - 2016-04-23 00:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-26 09:55 - 2016-04-23 00:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-26 09:55 - 2016-04-23 00:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-26 09:55 - 2016-04-23 00:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-26 09:55 - 2016-04-23 00:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-26 09:55 - 2016-04-23 00:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-26 09:55 - 2016-04-23 00:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-26 09:55 - 2016-04-23 00:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-26 09:55 - 2016-04-23 00:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-26 09:55 - 2016-04-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-26 09:55 - 2016-04-23 00:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-26 09:55 - 2016-04-23 00:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-26 09:55 - 2016-04-23 00:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-26 09:55 - 2016-04-23 00:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-26 09:55 - 2016-04-23 00:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-26 09:55 - 2016-04-23 00:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-26 09:55 - 2016-04-23 00:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-26 09:55 - 2016-04-23 00:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-26 09:55 - 2016-04-23 00:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-26 09:55 - 2016-04-23 00:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-26 09:55 - 2016-04-23 00:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-26 09:55 - 2016-04-23 00:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-26 09:55 - 2016-04-23 00:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-26 09:55 - 2016-04-23 00:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-26 09:55 - 2016-04-23 00:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-26 09:55 - 2016-04-23 00:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-26 09:55 - 2016-04-23 00:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-26 09:55 - 2016-04-23 00:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-26 09:55 - 2016-04-23 00:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-26 09:55 - 2016-04-23 00:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-26 09:55 - 2016-04-23 00:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-26 09:55 - 2016-04-23 00:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-26 09:55 - 2016-04-23 00:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-26 09:55 - 2016-04-23 00:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-26 09:55 - 2016-04-23 00:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-26 09:55 - 2016-04-23 00:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-26 09:55 - 2016-04-23 00:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-26 09:55 - 2016-04-23 00:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-26 09:55 - 2016-04-23 00:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-26 09:55 - 2016-04-23 00:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-26 09:55 - 2016-04-23 00:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-26 09:55 - 2016-04-23 00:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-26 09:55 - 2016-04-23 00:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-26 09:55 - 2016-04-23 00:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-26 09:55 - 2016-04-23 00:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-26 09:55 - 2016-04-23 00:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-26 09:55 - 2016-04-23 00:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-26 09:55 - 2016-04-23 00:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-26 09:55 - 2016-04-23 00:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-26 09:55 - 2016-04-22 23:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-26 09:55 - 2016-04-22 22:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-26 09:55 - 2016-04-22 22:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-26 09:55 - 2016-04-18 18:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-26 09:55 - 2016-04-02 00:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-05-26 09:55 - 2016-04-02 00:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-05-26 09:55 - 2016-04-02 00:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-05-26 09:55 - 2016-04-01 23:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-05-26 09:55 - 2016-04-01 23:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-05-26 09:55 - 2016-04-01 23:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-05-26 09:55 - 2016-03-29 06:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-05-26 09:55 - 2016-03-29 06:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-05-26 09:55 - 2016-03-29 06:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-05-26 09:55 - 2016-03-29 06:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-26 09:55 - 2016-03-29 06:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-05-26 09:55 - 2016-03-29 06:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-05-26 09:55 - 2016-03-29 06:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-05-26 09:55 - 2016-03-29 06:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-05-26 09:55 - 2016-03-29 06:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-05-26 09:55 - 2016-03-29 06:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-05-26 09:55 - 2016-03-29 06:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-05-26 09:55 - 2016-03-29 06:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-05-26 09:55 - 2016-03-29 05:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-05-26 09:55 - 2016-03-29 05:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-05-26 09:55 - 2016-03-29 05:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-05-26 09:55 - 2016-03-29 05:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-05-26 09:55 - 2016-03-29 05:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-05-26 09:55 - 2016-03-29 05:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-05-26 09:55 - 2016-03-29 05:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-05-26 09:55 - 2016-03-29 05:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-05-26 09:55 - 2016-03-29 05:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-05-26 09:55 - 2016-03-29 05:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-05-26 09:55 - 2016-03-29 05:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-05-26 09:55 - 2016-03-29 05:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-05-26 09:55 - 2016-03-29 05:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-05-26 09:55 - 2016-03-29 04:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-05-26 09:55 - 2016-03-29 04:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-05-26 09:55 - 2016-03-29 04:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-05-26 09:55 - 2016-03-29 04:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-05-26 09:55 - 2016-03-29 04:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-05-26 09:55 - 2016-03-29 04:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-05-26 09:55 - 2016-03-29 04:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-05-26 09:55 - 2016-03-29 04:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-05-26 09:55 - 2016-03-29 04:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-05-26 09:55 - 2016-03-29 04:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-05-26 09:55 - 2016-03-29 04:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-05-26 09:55 - 2016-03-29 04:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-05-26 09:55 - 2016-03-29 04:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-05-26 09:55 - 2016-03-29 04:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-05-26 09:55 - 2016-03-29 04:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-05-26 09:55 - 2016-03-29 04:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-05-26 09:55 - 2016-03-29 03:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-05-26 09:55 - 2016-03-29 03:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-05-26 09:55 - 2016-03-29 03:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-05-26 09:55 - 2016-03-29 03:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-05-26 09:55 - 2016-03-29 03:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-05-26 09:55 - 2016-03-29 03:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-05-26 09:55 - 2016-03-29 03:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-05-26 09:55 - 2016-03-29 03:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-05-26 09:55 - 2016-03-29 03:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-05-26 09:55 - 2016-03-29 03:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-05-26 09:55 - 2016-03-29 03:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-05-26 09:55 - 2016-03-29 03:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-05-26 09:55 - 2016-03-29 03:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-05-26 09:55 - 2016-03-29 03:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-05-26 09:55 - 2016-03-29 03:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-05-26 09:55 - 2016-03-29 03:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-05-26 09:55 - 2016-03-29 03:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-05-26 09:55 - 2016-03-29 03:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-05-26 09:55 - 2016-03-29 03:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-05-26 09:55 - 2016-03-29 03:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-05-26 09:55 - 2016-03-29 03:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-05-26 09:55 - 2016-03-29 03:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-05-26 09:55 - 2016-03-29 03:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-05-26 09:55 - 2016-03-29 03:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-05-26 09:55 - 2016-03-29 03:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-05-26 09:55 - 2016-03-29 03:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-05-26 09:55 - 2016-03-29 03:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-05-26 09:55 - 2016-03-29 03:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-05-26 09:55 - 2016-03-29 03:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-05-26 09:55 - 2016-03-29 03:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-05-26 09:55 - 2016-03-29 03:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-05-26 09:55 - 2016-03-29 03:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-05-26 09:55 - 2016-03-29 03:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-05-26 09:55 - 2016-03-29 03:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-26 09:55 - 2016-03-29 03:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-05-26 09:55 - 2016-03-29 03:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-05-26 09:55 - 2016-03-29 03:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-05-26 09:55 - 2016-03-29 03:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-05-26 09:55 - 2016-03-29 03:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-05-26 09:55 - 2016-03-29 03:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-05-26 09:55 - 2016-03-29 03:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-05-26 09:55 - 2016-03-29 03:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-05-26 09:55 - 2016-03-29 03:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-05-26 09:55 - 2016-03-29 03:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-05-26 09:55 - 2016-03-29 03:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-05-26 09:55 - 2016-03-29 03:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-05-26 09:55 - 2016-03-29 03:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-05-26 09:55 - 2016-03-29 03:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-05-26 09:55 - 2016-03-29 03:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-05-26 09:55 - 2016-03-29 03:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-05-26 09:55 - 2016-03-29 03:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-05-26 09:55 - 2016-03-29 03:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-05-26 09:55 - 2016-03-29 03:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-05-26 09:55 - 2016-03-29 03:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-05-26 09:55 - 2016-03-29 03:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-05-26 09:55 - 2016-03-29 03:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-05-26 09:55 - 2016-03-29 03:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-05-26 09:55 - 2016-03-29 03:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-05-26 09:55 - 2016-03-29 03:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-05-26 09:55 - 2016-03-29 03:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-05-26 09:55 - 2016-03-29 03:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-05-26 09:55 - 2016-03-29 03:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-05-26 09:55 - 2016-03-29 03:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-05-26 09:55 - 2016-03-29 03:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-05-26 09:55 - 2016-03-29 03:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-05-26 09:55 - 2016-03-29 03:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-05-26 09:55 - 2016-03-29 02:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-05-26 09:55 - 2016-03-29 02:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-05-26 09:55 - 2016-03-29 02:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-05-26 09:55 - 2016-03-29 02:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-05-26 09:55 - 2016-03-29 02:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-05-26 09:55 - 2016-03-29 02:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-05-26 09:55 - 2016-03-29 02:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-05-26 09:55 - 2016-03-29 02:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-05-26 09:55 - 2016-03-29 02:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-05-26 09:55 - 2016-03-29 02:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-05-26 09:55 - 2016-03-29 02:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-26 09:55 - 2016-03-29 02:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-05-26 09:55 - 2016-03-29 02:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-05-26 09:55 - 2016-03-29 02:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-05-26 09:55 - 2016-03-29 02:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-05-26 09:55 - 2016-03-29 02:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-05-26 09:55 - 2016-03-29 02:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-05-26 09:55 - 2016-03-29 02:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-05-26 09:55 - 2016-03-29 02:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-05-26 09:55 - 2016-03-29 02:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-05-26 09:55 - 2016-03-29 02:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-05-26 09:55 - 2016-03-29 02:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-05-26 09:55 - 2016-03-29 02:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-05-26 09:55 - 2016-03-29 02:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-05-26 09:55 - 2016-03-29 02:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-05-26 09:55 - 2016-03-29 02:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-05-26 09:55 - 2016-03-29 02:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-05-26 09:55 - 2016-03-29 02:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-05-26 09:55 - 2016-03-29 02:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-05-26 09:55 - 2016-03-29 02:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-05-26 09:55 - 2016-03-29 02:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-05-26 09:55 - 2016-03-29 02:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-05-26 09:55 - 2016-03-29 02:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-05-26 09:55 - 2016-03-29 02:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-05-26 09:55 - 2016-03-29 02:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-05-26 09:55 - 2016-03-29 02:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-05-26 09:55 - 2016-03-29 02:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-05-26 09:55 - 2016-03-29 01:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-05-26 09:55 - 2016-03-29 01:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-05-26 09:55 - 2016-03-29 01:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-05-26 09:55 - 2016-03-29 01:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-05-26 09:55 - 2016-03-29 01:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-05-26 09:55 - 2016-03-29 01:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-05-26 09:55 - 2016-03-29 01:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-05-26 09:55 - 2016-03-29 01:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-05-26 09:55 - 2016-03-29 01:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-05-26 09:55 - 2016-03-29 01:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-05-26 09:55 - 2016-03-29 01:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-05-26 09:55 - 2016-03-29 01:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-05-26 09:55 - 2016-03-29 01:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-05-26 09:55 - 2016-03-01 01:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-05-26 09:55 - 2016-03-01 01:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-05-26 09:55 - 2016-02-24 05:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-05-26 09:55 - 2016-02-24 04:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-05-26 09:55 - 2016-02-24 04:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-05-26 09:55 - 2016-02-24 04:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-05-26 09:55 - 2016-02-24 04:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-05-26 09:55 - 2016-02-24 04:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-05-26 09:55 - 2016-02-24 04:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-05-26 09:55 - 2016-02-24 04:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-05-26 09:55 - 2016-02-24 04:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-05-26 09:55 - 2016-02-24 03:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-05-26 09:55 - 2016-02-24 03:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-05-26 09:55 - 2016-02-24 03:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-05-26 09:55 - 2016-02-24 03:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-05-26 09:55 - 2016-02-24 03:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-05-26 09:55 - 2016-02-24 03:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-05-26 09:55 - 2016-02-24 03:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-05-26 09:55 - 2016-02-24 03:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-05-26 09:55 - 2016-02-24 03:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-05-26 09:55 - 2016-02-24 03:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-05-26 09:55 - 2016-02-24 03:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-05-26 09:55 - 2016-02-24 03:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-05-26 09:55 - 2016-02-24 03:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-05-26 09:55 - 2016-02-24 03:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-05-26 09:55 - 2016-02-24 03:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-05-26 09:55 - 2016-02-24 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-05-26 09:55 - 2016-02-24 03:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-05-26 09:55 - 2016-02-24 03:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-05-26 09:55 - 2016-02-24 03:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-05-26 09:55 - 2016-02-24 03:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-05-26 09:55 - 2016-02-24 03:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-05-26 09:55 - 2016-02-24 03:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-05-26 09:55 - 2016-02-24 03:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-05-26 09:55 - 2016-02-24 03:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-05-26 09:55 - 2016-02-24 03:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-05-26 09:55 - 2016-02-24 03:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-05-26 09:55 - 2016-02-24 03:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-05-26 09:55 - 2016-02-24 03:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-05-26 09:55 - 2016-02-24 02:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-05-26 09:55 - 2016-02-24 02:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-05-26 09:55 - 2016-02-24 02:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-05-26 09:55 - 2016-02-24 02:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-05-26 09:55 - 2016-02-24 02:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-05-26 09:55 - 2016-02-24 02:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-05-26 09:55 - 2016-02-24 02:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-05-26 09:55 - 2016-02-24 02:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-05-26 09:55 - 2016-02-24 02:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-05-26 09:55 - 2016-02-24 02:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-05-26 09:55 - 2016-02-24 02:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-05-26 09:55 - 2016-02-24 02:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-05-26 09:55 - 2016-02-24 02:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-05-26 09:55 - 2016-02-24 02:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-05-26 09:55 - 2016-02-24 02:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-05-26 09:55 - 2016-02-24 02:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-05-26 09:55 - 2016-02-24 02:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-05-26 09:55 - 2016-02-24 02:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-05-26 09:55 - 2016-02-24 02:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-05-26 09:55 - 2016-02-24 02:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-05-26 09:55 - 2016-02-24 02:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-05-26 09:55 - 2016-02-24 02:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-05-26 09:55 - 2016-02-24 02:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-05-26 09:55 - 2016-02-24 02:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-05-26 09:55 - 2016-02-24 02:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-05-26 09:55 - 2016-02-24 02:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-05-26 09:55 - 2016-02-24 02:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-05-26 09:55 - 2016-02-24 02:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-05-26 09:55 - 2016-02-24 02:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-05-26 09:55 - 2016-02-24 02:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-05-26 09:55 - 2016-02-24 02:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-05-26 09:55 - 2016-02-24 02:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-05-26 09:55 - 2016-02-24 02:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-05-26 09:55 - 2016-02-24 02:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-05-26 09:55 - 2016-02-24 02:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-05-26 09:55 - 2016-02-24 02:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-05-26 09:55 - 2016-02-24 02:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-05-26 09:55 - 2016-02-24 02:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-05-26 09:55 - 2016-02-24 02:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-05-26 09:55 - 2016-02-24 02:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-05-26 09:55 - 2016-02-24 02:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-05-26 09:55 - 2016-02-24 02:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-05-26 09:55 - 2016-02-24 02:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-05-26 09:55 - 2016-02-24 02:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-05-26 09:55 - 2016-02-24 02:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-05-26 09:55 - 2016-02-24 02:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-05-26 09:55 - 2016-02-24 02:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-05-26 09:55 - 2016-02-24 02:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-05-26 09:55 - 2016-02-24 02:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-05-26 09:55 - 2016-02-24 02:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-05-26 09:55 - 2016-02-24 01:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-05-26 09:55 - 2016-02-24 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-05-26 09:55 - 2016-02-23 07:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-05-26 09:55 - 2016-02-23 07:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-05-26 09:55 - 2016-02-23 06:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-05-26 09:55 - 2016-02-23 06:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 06:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-05-26 09:55 - 2016-02-23 06:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 06:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-05-26 09:55 - 2016-02-23 06:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-05-26 09:55 - 2016-02-23 06:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-05-26 09:55 - 2016-02-23 06:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-05-26 09:55 - 2016-02-23 06:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-05-26 09:55 - 2016-02-23 06:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-05-26 09:55 - 2016-02-23 05:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-05-26 09:55 - 2016-02-23 05:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-05-26 09:55 - 2016-02-23 05:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-05-26 09:55 - 2016-02-23 05:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 05:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 05:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-05-26 09:55 - 2016-02-23 05:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-05-26 09:55 - 2016-02-23 05:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-05-26 09:55 - 2016-02-23 05:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-05-26 09:55 - 2016-02-23 05:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-05-26 09:55 - 2016-02-23 05:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-05-26 09:55 - 2016-02-23 05:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-05-26 09:55 - 2016-02-23 05:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-05-26 09:55 - 2016-02-23 05:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-05-26 09:55 - 2016-02-23 05:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-05-26 09:55 - 2016-02-23 05:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-05-26 09:55 - 2016-02-23 05:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-05-26 09:55 - 2016-02-23 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-05-26 09:55 - 2016-02-23 04:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-05-26 09:55 - 2016-02-23 04:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-05-26 09:55 - 2016-02-23 04:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-05-26 09:55 - 2016-02-23 04:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-05-26 09:55 - 2016-02-23 04:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-05-26 09:55 - 2016-02-23 04:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-05-26 09:55 - 2016-02-23 04:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-05-26 09:55 - 2016-02-23 04:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-05-26 09:55 - 2016-02-23 04:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-05-26 09:55 - 2016-02-23 04:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-05-26 09:55 - 2016-02-23 04:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-05-26 09:55 - 2016-02-23 04:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-05-26 09:55 - 2016-02-23 04:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-05-26 09:55 - 2016-02-23 04:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-05-26 09:55 - 2016-02-23 04:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-05-26 09:55 - 2016-02-23 04:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-05-26 09:55 - 2016-02-23 04:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-05-26 09:55 - 2016-02-23 04:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-05-26 09:55 - 2016-02-23 04:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-05-26 09:55 - 2016-02-23 04:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-05-26 09:55 - 2016-02-23 04:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-05-26 09:55 - 2016-02-23 04:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-05-26 09:55 - 2016-02-23 04:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 04:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-05-26 09:55 - 2016-02-23 04:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-05-26 09:55 - 2016-02-23 04:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-05-26 09:55 - 2016-02-23 04:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-05-26 09:55 - 2016-02-23 04:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-05-26 09:55 - 2016-02-23 04:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-05-26 09:55 - 2016-02-23 04:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-05-26 09:55 - 2016-02-23 04:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-05-26 09:55 - 2016-02-23 03:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-05-26 09:55 - 2016-02-23 03:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-05-26 09:55 - 2016-02-23 03:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-05-26 09:55 - 2016-02-23 03:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-05-26 09:55 - 2016-02-23 03:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-05-26 09:55 - 2016-02-23 03:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-05-26 09:55 - 2016-02-23 03:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-05-26 09:55 - 2016-02-23 03:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-05-26 09:55 - 2016-02-23 03:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-05-26 09:55 - 2016-02-23 03:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-05-26 09:55 - 2016-02-23 03:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-05-26 09:55 - 2016-02-23 03:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-05-26 09:55 - 2016-02-23 03:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-05-26 09:55 - 2016-02-23 03:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-05-26 09:55 - 2016-02-23 03:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-05-26 09:55 - 2016-02-23 03:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-05-26 09:55 - 2016-02-23 02:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-05-26 09:55 - 2016-02-23 02:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-05-26 09:55 - 2016-02-23 02:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-05-26 09:55 - 2016-02-08 23:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-05-26 09:55 - 2016-02-08 23:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-05-25 21:18 - 2016-06-12 20:29 - 00000000 ____D C:\Windows.old
2016-05-25 21:18 - 2016-05-25 21:18 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-05-25 21:18 - 2016-05-25 17:30 - 00000000 ___DC C:\WINDOWS\Panther
2016-05-25 21:17 - 2016-05-25 21:17 - 00008192 __RSH C:\BOOTSECT.BAK
2016-05-25 21:17 - 2016-05-25 21:17 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-05-25 21:16 - 2016-05-25 21:16 - 00000000 ____D C:\WINDOWS\Setup
2016-05-25 21:14 - 2016-06-12 20:26 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-05-25 21:14 - 2016-06-12 20:25 - 00000000 ____D C:\Program Files\MSBuild
2016-05-25 21:14 - 2016-06-12 20:25 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-05-25 21:14 - 2016-06-12 20:25 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\0409
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\OCR
2016-05-25 21:14 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-05-25 21:12 - 2016-05-11 15:57 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-25 21:12 - 2016-05-11 15:57 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-25 21:11 - 2016-05-26 12:20 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-25 21:11 - 2016-05-25 21:18 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-05-25 21:11 - 2016-05-25 21:09 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-05-25 21:11 - 2016-05-25 21:09 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-05-25 21:11 - 2016-05-25 21:09 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-05-25 21:11 - 2016-05-25 21:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-05-25 21:11 - 2016-05-25 21:09 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-05-25 21:11 - 2016-05-25 21:09 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-05-25 21:11 - 2016-05-25 21:09 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-05-25 21:11 - 2016-05-25 21:09 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-05-25 21:11 - 2016-05-25 21:09 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-05-25 21:11 - 2016-05-25 21:09 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-05-25 21:11 - 2016-05-25 21:09 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-05-25 21:11 - 2016-05-25 21:09 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-05-25 21:11 - 2016-05-25 21:09 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-05-25 21:11 - 2016-05-25 21:09 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-05-25 21:11 - 2016-05-25 21:09 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-05-25 21:11 - 2016-05-25 21:09 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-05-25 21:10 - 2016-06-14 18:19 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-25 21:10 - 2016-06-14 18:19 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-25 21:10 - 2016-06-14 18:17 - 00000000 ____D C:\WINDOWS\INF
2016-05-25 21:10 - 2016-06-14 18:07 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-05-25 21:10 - 2016-06-14 18:07 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-05-25 21:10 - 2016-06-14 18:07 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-25 21:10 - 2016-06-14 09:21 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-25 21:10 - 2016-06-13 16:27 - 00000176 _____ C:\WINDOWS\win.ini
2016-05-25 21:10 - 2016-06-13 10:53 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-05-25 21:10 - 2016-06-13 08:09 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-05-25 21:10 - 2016-06-13 08:09 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-05-25 21:10 - 2016-06-12 20:59 - 00000000 ____D C:\Program Files\Windows Defender
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 __RSD C:\WINDOWS\Media
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\system32\setup
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\ShellNew
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-05-25 21:10 - 2016-06-12 20:57 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-25 21:10 - 2016-06-12 20:56 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-25 21:10 - 2016-06-12 20:56 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-05-25 21:10 - 2016-06-12 20:56 - 00000000 ____D C:\WINDOWS\security
2016-05-25 21:10 - 2016-06-12 20:56 - 00000000 ____D C:\WINDOWS\rescache
2016-05-25 21:10 - 2016-06-12 20:45 - 00000000 ____D C:\WINDOWS\registration
2016-05-25 21:10 - 2016-06-12 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-05-25 21:10 - 2016-06-12 20:34 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-05-25 21:10 - 2016-06-12 20:25 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-25 21:10 - 2016-06-11 19:51 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-05-25 21:10 - 2016-05-27 08:44 - 00000000 ____D C:\WINDOWS\appcompat
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-05-25 21:10 - 2016-05-26 12:20 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-05-25 21:10 - 2016-05-26 09:57 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-05-25 21:10 - 2016-05-25 21:15 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\SystemApps
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\system32\Com
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\WINDOWS\IME
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\Program Files\Common Files\System
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-05-25 21:10 - 2016-05-25 21:14 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\ias
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-05-25 21:10 - 2016-05-25 21:11 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Web
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Vss
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\tracing
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\TAPI
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SystemResources
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\ras
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\IME
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\System
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SKB
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\schemas
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\SchCache
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Resources
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\PLA
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Performance
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\InputMethod
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Globalization
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Cursors
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\Branding
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\addins
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\ProgramData\Comms
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\Program Files\Windows NT
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\Program Files\Common Files\Services
2016-05-25 21:10 - 2016-05-25 21:10 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-05-25 21:10 - 2016-05-25 21:09 - 00000219 _____ C:\WINDOWS\system.ini
2016-05-25 21:10 - 2016-05-25 17:33 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-05-25 21:10 - 2016-05-25 17:33 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-05-25 21:10 - 2016-05-25 17:30 - 00000000 ____D C:\WINDOWS\system32\spool
2016-05-25 21:10 - 2016-05-25 17:30 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-05-25 21:10 - 2016-05-25 17:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-05-25 21:10 - 2016-05-25 17:27 - 00000000 ____D C:\WINDOWS\CSC
2016-05-25 21:10 - 2016-05-25 17:23 - 00000000 ____D C:\WINDOWS\Help
2016-05-25 21:10 - 2016-05-25 17:23 - 00000000 ____D C:\ProgramData\USOPrivate
2016-05-25 21:04 - 2016-06-14 17:52 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-25 21:01 - 2016-06-14 18:07 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-25 21:01 - 2016-06-12 20:56 - 00000000 ____D C:\WINDOWS\servicing
2016-05-25 21:01 - 2016-06-02 08:12 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-25 21:01 - 2016-05-25 21:10 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-05-25 21:01 - 2015-10-30 02:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-05-25 20:58 - 2016-06-12 20:25 - 00000000 ___HD C:\$SysReset
2016-05-25 20:48 - 2016-05-25 21:18 - 00000000 _____ C:\Recovery.txt
2016-05-25 17:36 - 2016-05-26 09:53 - 00000000 ____D C:\Users\Darryll\AppData\Local\MicrosoftEdge
2016-05-25 17:35 - 2016-06-13 09:15 - 00002373 _____ C:\Users\Darryll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-25 17:35 - 2016-05-25 17:35 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-05-25 17:34 - 2016-05-25 17:34 - 00000000 ____D C:\Users\Darryll\AppData\Local\ActiveSync
2016-05-25 17:33 - 2016-05-25 17:33 - 00000000 ____D C:\Users\Darryll\AppData\Local\Publishers
2016-05-25 17:32 - 2016-06-14 18:14 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-25 17:32 - 2016-06-14 09:00 - 00000000 ____D C:\Users\Darryll\AppData\Local\Packages
2016-05-25 17:32 - 2016-05-25 17:32 - 00000020 ___SH C:\Users\Darryll\ntuser.ini
2016-05-25 17:32 - 2016-05-25 17:32 - 00000000 ____D C:\Users\Darryll\AppData\Roaming\Adobe
2016-05-25 17:32 - 2016-05-25 17:32 - 00000000 ____D C:\Users\Darryll\AppData\Local\VirtualStore
2016-05-25 17:32 - 2016-05-25 17:32 - 00000000 ____D C:\Users\Darryll\AppData\Local\TileDataLayer
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default\My Documents
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default User\My Documents
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\Default User
2016-05-25 17:29 - 2016-05-25 17:29 - 00000000 _SHDL C:\Users\All Users
2016-05-25 17:28 - 2016-06-13 10:26 - 00000000 ____D C:\Users\Darryll
2016-05-25 17:28 - 2016-05-25 17:28 - 00000000 _SHDL C:\Users\Darryll\My Documents
2016-05-25 17:28 - 2016-05-25 17:28 - 00000000 _SHDL C:\Users\Darryll\Documents\My Videos
2016-05-25 17:28 - 2016-05-25 17:28 - 00000000 _SHDL C:\Users\Darryll\Documents\My Pictures
2016-05-25 17:28 - 2016-05-25 17:28 - 00000000 _SHDL C:\Users\Darryll\Documents\My Music
2016-05-25 17:24 - 2016-06-11 11:52 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-25 17:24 - 2016-05-25 17:24 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-05-25 17:23 - 2016-06-12 20:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-25 17:23 - 2016-06-12 20:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-05-25 17:23 - 2016-06-11 11:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-25 17:23 - 2016-05-25 17:23 - 00000000 ____D C:\ProgramData\USOShared
2016-05-25 17:23 - 2015-08-06 20:24 - 06873904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-05-25 17:23 - 2015-08-06 20:24 - 03492984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-05-25 17:23 - 2015-08-06 20:24 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-05-25 17:23 - 2015-08-06 20:24 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-05-25 17:23 - 2015-08-06 20:24 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-05-25 17:23 - 2015-08-06 20:24 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-05-25 17:23 - 2015-08-03 06:04 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-05-25 17:22 - 2016-05-28 01:55 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-05-25 17:20 - 2016-06-14 18:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-25 17:19 - 2016-06-14 18:08 - 00203176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-25 17:19 - 2016-05-25 17:19 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-05-25 15:55 - 2016-05-25 15:55 - 37786896 _____ (Rogers) C:\Users\Darryll\Downloads\RogersTechxpert.exe
2016-05-25 15:19 - 2016-05-25 15:19 - 47590392 _____ (Wireshark development team) C:\Users\Darryll\Downloads\Wireshark-win64-2.0.3.exe
2016-05-25 11:17 - 2016-04-25 00:36 - 01499408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2016-05-25 11:17 - 2016-04-25 00:36 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2016-05-25 11:16 - 2014-12-02 22:02 - 00017736 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdwh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00017736 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ssadwh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00017224 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdcm.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00017224 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ssadcm.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015944 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ssduwh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015872 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ssm_wh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015872 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ss_wh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015872 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ss_bwh.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015360 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ssm_cm.sys
2016-05-25 11:16 - 2014-12-02 22:02 - 00015360 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\ss_bcm.sys
2016-05-24 16:34 - 2016-05-24 16:34 - 00000000 ____D C:\SWSETUP
2016-05-24 16:15 - 2016-05-24 16:15 - 00000000 ____D C:\NVIDIA
2016-05-24 16:09 - 2016-05-29 09:36 - 00000000 ____D C:\Intel
2016-05-24 16:07 - 2015-10-23 21:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-05-24 16:07 - 2015-10-23 21:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-05-24 16:07 - 2015-10-23 21:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-05-24 16:07 - 2015-10-23 21:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-05-24 16:07 - 2015-10-23 21:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-05-24 16:07 - 2015-10-23 21:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-24 15:46 - 2016-05-24 15:46 - 00000000 _____ C:\Users\Darryll\Documents\Default.rdp
2016-05-24 15:26 - 2016-06-14 18:06 - 00000000 ___RD C:\Users\Darryll\OneDrive
2016-05-24 14:48 - 2016-05-24 14:48 - 00000000 ____D C:\ESD
2016-05-24 14:41 - 2016-06-12 18:45 - 00000000 ____D C:\$Windows.~WS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-14 18:13 - 2016-02-13 09:22 - 00000000 __RHD C:\Users\Public\AccountPictures

==================== Files in the root of some directories =======

2016-06-06 20:15 - 2016-06-06 20:15 - 0000218 _____ () C:\Users\Darryll\AppData\Local\recently-used.xbel
2016-05-28 08:40 - 2016-05-28 08:40 - 0000017 _____ () C:\Users\Darryll\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Darryll\AppData\Local\Temp\libeay32.dll
C:\Users\Darryll\AppData\Local\Temp\msvcr120.dll
C:\Users\Darryll\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-12 21:26

==================== End of FRST.txt ============================
dmath1n is offline  
Old 06-14-2016, 05:31 PM   #19
Registered Member
 
Join Date: Aug 2003
Location: Toronto ontario canada
Posts: 59
OS: Windows 10



Im sorry I haver a disabled mother and I hit submit but didnt know that the log was too big!
dmath1n is offline  
Old 06-14-2016, 09:04 PM   #20
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, dmath1n. As far as what the cryptor has already done, there isn't really anything to do about that.

------------------------------------------------------
  • Open Notepad (Start > All Programs > Accessories > Notepad).
  • Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
  • Save it as fixlist.txt next to FRST64.exe

    NOTE: Both FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.


    Code:
    start
    createrestorepoint:
    AVG Zen (Version: 1.61.9 - AVG Technologies) Hidden
    FMW 1 (Version: 1.92.4 - AVG Technologies) Hidden
    HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
    HKU\S-1-5-21-3114928826-3543099305-1459852935-1000\...\RunOnce: [Uninstall C:\Users\Darryll\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Darryll\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    SearchScopes: HKU\S-1-5-21-3114928826-3543099305-1459852935-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3114928826-3543099305-1459852935-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll => No File
    CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - <no Path/update_url>
    CHR HKU\S-1-5-21-3114928826-3543099305-1459852935-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - <no Path/update_url>
    S4 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080592 2016-05-18] (AVG Technologies CZ, s.r.o.)
    Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "AvgUi" /f
    Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\avgsvc" /f
    Reg: reg delete HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v "WinZip Preloader.lnk" /f
    Reg: reg delete HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v "Update Notifier.lnk" /f
    EmptyTemp:
    end
  • Double-click FRST64 to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
  • Click the Fix button just once, and wait.
  • If you receive a message that a reboot is required, please make sure you allow it to restart normally.
  • The tool will complete its run after the restart.
  • When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 11:43 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts