-
Assistance with Malware Removal - Tyler
Hello, Tyler here. Thank you for your assistance and time on this matter. I fully respect your time and will aim to resolve this swiftly and efficiently.
The problem is my Firefox browser keeps being redirected and my computers speed/performance is down/ High CPU usage, etc. I have backed up my registry. I have only removed one program prior to running these scans which was a proxy. I am suspicious of the program "Popcorn Time" because it does not allow me to uninstall it. The problem is my Firefox browser keeps being redirected and my computers speed/performance is down/ High CPU usage, etc
Thanks.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2016
Ran by ttwebb (administrator) on TYLER (26-10-2016 21:03:24)
Running from C:\Users\ttwebb\Desktop
Loaded Profiles: ttwebb (Available Profiles: ttwebb)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015920 2013-02-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-608214363-481693584-3176531325-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
HKU\S-1-5-21-608214363-481693584-3176531325-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2852128 2016-08-02] (Valve Corporation)
HKU\S-1-5-21-608214363-481693584-3176531325-1002\...\Run: [Google Update] => C:\Users\ttwebb\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-03-02] (Google Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-608214363-481693584-3176531325-1002] => hxxp://noneblock.com/wpad.dat?28d415d63dbe42d90870eb86a287d35117977796
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{2FA9831F-FA7A-4352-AB92-EC5D16802EA5}: [DhcpNameServer] 40.20.1.201 40.20.1.202
Tcpip\..\Interfaces\{4171B43A-E03C-446A-B223-793CF447942E}: [DhcpNameServer] 192.168.43.1
ManualProxies: 0hxxp://noneblock.com/wpad.dat?28d415d63dbe42d90870eb86a287d35117977796
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-608214363-481693584-3176531325-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-608214363-481693584-3176531325-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-608214363-481693584-3176531325-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
FireFox:
========
FF DefaultProfile: boxg2rbm.default
FF ProfilePath: C:\Users\ttwebb\AppData\Roaming\Mozilla\Firefox\Profiles\boxg2rbm.default [2016-10-26]
FF Homepage: Mozilla\Firefox\Profiles\boxg2rbm.default -> google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-21] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-21] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-608214363-481693584-3176531325-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\ttwebb\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-608214363-481693584-3176531325-1002: @talk.google.com/O1DPlugin -> C:\Users\ttwebb\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-608214363-481693584-3176531325-1002: @tools.google.com/Google Update;version=3 -> C:\Users\ttwebb\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-608214363-481693584-3176531325-1002: @tools.google.com/Google Update;version=9 -> C:\Users\ttwebb\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-608214363-481693584-3176531325-1002: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2016-10-26] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-608214363-481693584-3176531325-1002: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2016-10-26] (TD Ameritrade)
FF Plugin ProgramFiles/Appdata: C:\Users\ttwebb\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ttwebb\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\2040639755.js [2016-10-07] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\2040639755.cfg [2016-10-07] <==== ATTENTION
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1740760 2014-09-03] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4086560 2016-09-14] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-03] (Popcorn Time) [File not signed]
S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\WINDOWS\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
S3 RTSPER; C:\WINDOWS\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-05] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [31984 2013-02-05] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2012-09-11] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-26 21:03 - 2016-10-26 21:04 - 00011629 _____ C:\Users\ttwebb\Desktop\FRST.txt
2016-10-26 21:01 - 2016-10-26 21:03 - 00000000 ____D C:\FRST
2016-10-26 21:00 - 2016-10-26 21:00 - 02407936 _____ (Farbar) C:\Users\ttwebb\Desktop\FRST64.exe
2016-10-26 20:57 - 2016-10-26 20:57 - 01757184 _____ (Farbar) C:\Users\ttwebb\Downloads\FRST.exe
2016-10-26 20:57 - 2016-10-26 20:57 - 01757184 _____ (Farbar) C:\Users\ttwebb\Downloads\FRST(1).exe
2016-10-26 20:56 - 2016-10-26 20:56 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-TYLER-Windows-8.1-(64-bit).dat
2016-10-26 20:55 - 2016-10-26 20:55 - 00017993 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2016-10-26 20:55 - 2016-10-26 20:55 - 00002258 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2016-10-26 20:55 - 2016-10-26 20:55 - 00000000 ____D C:\RegBackup
2016-10-26 20:55 - 2016-10-26 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-10-26 20:55 - 2016-10-26 20:55 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-10-26 20:54 - 2016-10-26 20:54 - 05596528 _____ (Tweaking.com) C:\Users\ttwebb\Downloads\tweaking.com_registry_backup_setup.exe
2016-10-26 20:18 - 2016-10-26 20:18 - 00001910 _____ C:\Users\Public\Desktop\thinkorswim.lnk
2016-10-26 20:18 - 2016-10-26 20:18 - 00001910 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thinkorswim.lnk
2016-10-26 20:07 - 2016-10-26 20:07 - 00000000 ____D C:\Users\ttwebb\Downloads\KT
2016-10-21 17:41 - 2016-10-24 00:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-19 07:46 - 2016-10-19 07:46 - 02080960 _____ (Safer-Networking Ltd. ) C:\Users\ttwebb\Downloads\spybotsd2-updater-update-trac4022-attempt1.exe
2016-10-19 07:45 - 2016-10-19 07:45 - 02080960 _____ (Safer-Networking Ltd. ) C:\Users\ttwebb\Downloads\spybotsd2-updater-update-trac4022-v3.exe
2016-10-12 10:55 - 2016-10-12 10:55 - 00001410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-10-12 10:55 - 2016-10-12 10:55 - 00001398 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-10-12 10:55 - 2016-10-12 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-10-12 10:55 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-10-12 10:42 - 2016-10-12 10:43 - 00558320 _____ (Safer-Networking Ltd. ) C:\Users\ttwebb\Downloads\spybot2-license.exe
2016-10-11 20:22 - 2016-09-30 17:22 - 07444312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-11 20:22 - 2016-09-30 00:55 - 25765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-11 20:22 - 2016-09-29 23:25 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-11 20:22 - 2016-09-29 23:25 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-11 20:22 - 2016-09-29 23:12 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-10-11 20:22 - 2016-09-29 23:09 - 06048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-11 20:22 - 2016-09-29 22:47 - 20306944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-11 20:22 - 2016-09-29 22:42 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-11 20:22 - 2016-09-29 22:41 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-11 20:22 - 2016-09-29 22:38 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-11 20:22 - 2016-09-29 22:33 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-10-11 20:22 - 2016-09-29 22:33 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-10-11 20:22 - 2016-09-29 22:32 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-11 20:22 - 2016-09-29 22:32 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-10-11 20:22 - 2016-09-29 22:31 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-10-11 20:22 - 2016-09-29 22:21 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-11 20:22 - 2016-09-29 22:17 - 02920960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-11 20:22 - 2016-09-29 22:12 - 04608512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-11 20:22 - 2016-09-29 22:11 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-11 20:22 - 2016-09-29 22:06 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-10-11 20:22 - 2016-09-29 22:05 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-10-11 20:22 - 2016-09-29 22:05 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-11 20:22 - 2016-09-29 22:05 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-11 20:22 - 2016-09-29 22:03 - 13653504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-11 20:22 - 2016-09-29 21:54 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-11 20:22 - 2016-09-29 21:46 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-11 20:22 - 2016-09-29 21:43 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-11 20:22 - 2016-09-29 21:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-11 20:22 - 2016-09-17 11:16 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-11 20:22 - 2016-09-17 10:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-10-11 20:22 - 2016-09-17 10:21 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-11 20:22 - 2016-09-17 10:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-10-11 20:22 - 2016-09-17 10:02 - 01446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-11 20:22 - 2016-09-13 18:53 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-11 20:22 - 2016-09-13 18:53 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-11 20:22 - 2016-09-13 18:53 - 01490112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-11 20:22 - 2016-09-13 18:53 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-11 20:22 - 2016-09-12 16:48 - 00085680 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-11 20:22 - 2016-09-12 15:03 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-11 20:22 - 2016-09-12 14:01 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-11 20:22 - 2016-09-09 07:17 - 04170752 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-10-11 20:22 - 2016-09-09 06:38 - 01629184 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-11 20:22 - 2016-09-09 06:38 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-11 20:22 - 2016-09-09 06:38 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-11 20:22 - 2016-09-09 06:38 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-11 20:22 - 2016-09-09 06:38 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-11 20:22 - 2016-09-09 06:38 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-10-11 20:22 - 2016-09-09 06:38 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-11 20:22 - 2016-09-09 06:38 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-11 20:22 - 2016-09-08 13:41 - 00121176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-11 20:22 - 2016-09-08 07:00 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-11 20:22 - 2016-09-08 07:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-11 20:22 - 2016-09-07 15:07 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-11 20:22 - 2016-09-07 14:59 - 01754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-11 20:22 - 2016-09-07 14:59 - 01377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-11 20:22 - 2016-09-07 14:57 - 01560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-11 20:22 - 2016-09-07 14:56 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-11 20:22 - 2016-08-31 10:22 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-11 20:22 - 2016-08-31 09:33 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-11 20:22 - 2016-08-25 13:50 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-11 20:22 - 2016-08-25 12:40 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-11 20:22 - 2016-08-12 17:05 - 09323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-10-11 20:22 - 2016-08-12 17:03 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys
2016-10-11 20:22 - 2016-08-12 17:02 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2016-10-11 20:22 - 2016-08-12 17:01 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2016-10-11 20:22 - 2016-08-12 15:35 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2016-10-11 20:22 - 2016-08-12 15:19 - 09323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-10-11 20:22 - 2016-08-12 14:47 - 15431168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-11 20:22 - 2016-08-12 14:17 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2016-10-11 20:22 - 2016-08-12 13:52 - 13317120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-11 20:22 - 2016-08-11 18:58 - 02315496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-11 20:22 - 2016-08-11 18:58 - 01946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-11 20:22 - 2016-08-11 11:33 - 00096256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys
2016-10-11 20:22 - 2016-08-11 11:33 - 00083456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-10-11 20:22 - 2016-08-11 11:33 - 00023040 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys
2016-10-11 20:22 - 2016-08-11 10:17 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-10-11 20:22 - 2016-08-11 06:39 - 00445765 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-11 20:22 - 2016-08-10 22:46 - 00420184 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-11 20:22 - 2016-08-03 08:42 - 01317888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-11 20:22 - 2016-08-03 08:36 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-10-11 20:22 - 2016-08-03 08:36 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-10-11 20:22 - 2016-08-03 08:33 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-10-11 20:22 - 2016-07-30 10:12 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-11 20:22 - 2016-07-30 09:36 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-11 20:22 - 2016-07-26 06:40 - 00162850 _____ C:\WINDOWS\SysWOW64\C_932.NLS
2016-10-11 20:22 - 2016-07-26 06:40 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-10-11 20:22 - 2016-07-23 11:18 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-10-11 20:22 - 2016-07-23 11:12 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-10-11 20:21 - 2016-08-27 12:44 - 22360288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-11 20:21 - 2016-08-27 12:44 - 02755504 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-11 20:21 - 2016-08-27 12:44 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2016-10-11 20:21 - 2016-08-27 11:26 - 19789232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-11 20:21 - 2016-08-27 11:26 - 02411048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-11 20:21 - 2016-08-27 11:26 - 00113656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2016-10-11 20:21 - 2016-08-27 09:33 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-10-11 20:21 - 2016-08-27 09:11 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-10-11 20:21 - 2016-08-27 09:09 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-11 20:21 - 2016-08-27 08:55 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-11 20:21 - 2016-08-20 15:24 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-11 20:21 - 2016-08-20 15:12 - 02463744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-10 23:25 - 2016-07-12 07:08 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-10 21:28 - 2016-10-12 02:14 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-08 22:22 - 2016-09-30 17:15 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-08 22:22 - 2016-09-30 17:15 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-08 22:08 - 2016-05-25 06:22 - 00875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-10-08 22:08 - 2016-05-25 06:22 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-10-08 22:08 - 2016-05-25 06:12 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-10-08 22:08 - 2016-05-25 06:12 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-10-08 21:05 - 2016-06-18 13:06 - 00590688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-10-08 21:05 - 2016-06-18 13:06 - 00072408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2016-10-08 21:05 - 2016-06-11 12:52 - 00379232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-08 21:05 - 2016-06-11 12:52 - 00057184 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-10-08 21:05 - 2016-06-11 11:05 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpresult.exe
2016-10-08 21:05 - 2016-06-11 10:14 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpresult.exe
2016-10-08 21:05 - 2016-06-11 09:50 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-10-08 21:05 - 2016-06-11 09:46 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2016-10-08 21:05 - 2016-06-11 09:44 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-10-08 21:05 - 2016-06-11 09:37 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-08 21:05 - 2016-06-11 09:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-10-08 21:05 - 2016-06-11 09:20 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-10-08 21:05 - 2016-06-11 09:16 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-08 21:05 - 2016-06-10 20:44 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-10-08 21:05 - 2016-06-10 20:44 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-10-08 21:05 - 2016-06-10 13:07 - 03820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-10-08 21:05 - 2016-06-10 11:11 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-08 21:05 - 2016-06-10 11:11 - 01487992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-08 21:05 - 2016-06-10 11:11 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-08 21:05 - 2016-06-10 11:11 - 00125024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2016-10-08 21:05 - 2016-06-10 11:10 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2016-10-08 21:05 - 2016-06-10 11:07 - 03273728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-10-08 21:05 - 2016-06-09 12:32 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2016-10-08 21:05 - 2016-06-09 11:18 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2016-10-08 21:05 - 2016-06-07 11:10 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\hbaapi.dll
2016-10-08 21:05 - 2016-06-07 10:13 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hbaapi.dll
2016-10-08 21:05 - 2016-06-03 17:38 - 01613528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-08 21:05 - 2016-06-03 17:37 - 01970968 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-08 21:05 - 2016-05-18 14:54 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2016-10-08 21:05 - 2016-05-18 14:15 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2016-10-08 21:05 - 2016-05-18 13:56 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2016-10-08 21:05 - 2016-05-18 13:33 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2016-10-08 21:05 - 2016-05-18 13:28 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-08 21:05 - 2016-05-18 13:16 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-08 21:05 - 2016-05-14 13:26 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-10-08 21:05 - 2016-05-13 22:19 - 01134768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-08 21:05 - 2016-05-13 16:08 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-08 21:05 - 2016-05-13 16:08 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-10-08 21:05 - 2016-05-13 16:08 - 00032512 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-10-08 21:05 - 2016-05-13 15:24 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-08 21:05 - 2016-05-13 14:42 - 03667968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-08 21:05 - 2016-05-13 14:30 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-10-08 21:05 - 2016-05-13 14:29 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-10-08 21:05 - 2016-05-13 14:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-10-08 21:05 - 2016-05-13 14:27 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-10-08 21:05 - 2016-05-13 14:26 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-10-08 21:05 - 2016-05-13 14:26 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-08 21:05 - 2016-05-13 14:18 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-10-08 21:05 - 2016-05-13 14:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-10-08 21:05 - 2016-05-13 14:16 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-10-08 21:05 - 2016-05-13 14:16 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-10-08 21:05 - 2016-05-12 11:36 - 00034600 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2016-10-08 21:05 - 2016-05-12 10:39 - 00030984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2016-10-08 21:05 - 2016-05-06 14:59 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-10-08 21:05 - 2016-05-05 10:18 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2016-10-08 21:05 - 2016-05-05 10:02 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-08 21:05 - 2016-05-05 09:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2016-10-08 21:05 - 2016-05-05 09:34 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-08 21:05 - 2016-05-05 09:29 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-08 21:05 - 2016-04-09 22:35 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-10-08 21:05 - 2016-04-09 15:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-10-08 21:05 - 2016-04-09 15:14 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-10-08 21:05 - 2016-04-09 15:10 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-10-08 21:05 - 2016-04-09 15:09 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-10-08 21:05 - 2016-04-09 15:02 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-10-08 21:05 - 2016-04-09 14:59 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll
2016-10-08 21:05 - 2016-04-09 14:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-10-08 21:05 - 2016-04-09 14:56 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-10-08 21:05 - 2016-04-09 14:55 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-10-08 21:05 - 2016-04-09 14:52 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2016-10-08 21:05 - 2016-04-07 09:06 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-08 21:05 - 2016-04-06 14:21 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-10-08 21:05 - 2016-04-06 11:20 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-10-08 21:05 - 2016-04-06 11:17 - 18825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-08 21:05 - 2016-04-06 09:25 - 15158272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-08 21:05 - 2016-04-05 15:37 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-10-08 21:05 - 2016-04-02 06:58 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-10-08 21:05 - 2016-04-01 10:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-10-08 21:05 - 2016-04-01 09:53 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-10-08 21:05 - 2016-04-01 09:50 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-10-08 21:05 - 2016-02-05 08:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-10-08 21:05 - 2016-02-05 08:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-10-08 21:05 - 2016-02-05 08:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-10-08 21:05 - 2016-02-04 09:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-10-08 21:05 - 2016-02-04 09:49 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-10-08 21:05 - 2016-02-04 09:39 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-10-08 21:05 - 2016-02-04 09:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-10-08 21:05 - 2016-01-31 12:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-10-08 21:05 - 2016-01-31 11:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-10-08 21:00 - 2016-02-02 11:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-10-08 21:00 - 2016-01-24 04:57 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-08 21:00 - 2016-01-24 04:45 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-08 21:00 - 2016-01-08 18:38 - 00091992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2016-10-08 21:00 - 2015-12-30 14:53 - 02017624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-10-08 21:00 - 2015-09-29 05:24 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-10-08 21:00 - 2015-09-04 12:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2016-10-08 21:00 - 2015-08-06 09:47 - 04710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-10-08 21:00 - 2015-08-06 09:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-10-08 21:00 - 2015-05-07 09:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2016-10-08 21:00 - 2015-05-07 08:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2016-10-08 21:00 - 2015-05-07 08:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2016-10-08 21:00 - 2015-04-29 16:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-10-08 21:00 - 2015-04-09 17:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-08 21:00 - 2015-04-09 17:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-08 21:00 - 2015-03-08 19:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2016-10-08 21:00 - 2015-01-26 20:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2016-10-08 21:00 - 2015-01-23 18:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2016-10-08 21:00 - 2015-01-23 00:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-10-08 21:00 - 2015-01-22 22:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-10-08 21:00 - 2014-11-09 19:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2016-10-08 21:00 - 2014-11-09 18:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2016-10-08 20:59 - 2016-08-20 16:45 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-10-08 20:59 - 2016-08-20 16:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-10-08 20:59 - 2016-08-20 16:05 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-10-08 20:59 - 2016-08-20 15:50 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-10-08 20:59 - 2016-08-20 15:42 - 07795712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-08 20:59 - 2016-08-20 15:27 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-08 20:59 - 2016-08-09 15:47 - 00803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-08 20:59 - 2016-08-09 15:47 - 00611576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-08 20:59 - 2016-08-04 07:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-10-08 20:59 - 2016-08-03 11:06 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-10-08 20:59 - 2016-08-03 11:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-10-08 20:59 - 2016-08-01 23:20 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-10-08 20:59 - 2016-08-01 22:55 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-08 20:59 - 2016-08-01 22:40 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-10-08 20:59 - 2016-07-08 07:19 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-10-08 20:59 - 2016-07-08 07:17 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-10-08 20:59 - 2016-06-25 11:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-10-08 20:59 - 2016-06-25 09:24 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-10-08 20:59 - 2016-06-25 09:15 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-10-08 20:59 - 2016-06-25 09:13 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-08 20:59 - 2016-06-25 09:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-10-08 20:59 - 2016-06-11 10:22 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-10-08 20:59 - 2016-06-11 10:20 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-10-08 20:59 - 2016-06-11 09:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-10-08 20:59 - 2016-06-11 09:43 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-10-08 20:59 - 2016-06-11 09:33 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-10-08 20:59 - 2016-03-10 10:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-10-08 20:59 - 2016-03-10 09:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-10-08 20:59 - 2016-03-10 09:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-10-08 20:59 - 2016-02-08 18:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-08 20:59 - 2016-02-08 13:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-10-08 20:59 - 2016-02-08 13:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-10-08 20:59 - 2016-02-08 13:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-08 20:59 - 2016-02-08 12:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-10-08 20:59 - 2016-02-08 12:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-10-08 20:59 - 2016-02-08 12:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-10-08 20:59 - 2016-02-08 12:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-10-08 20:59 - 2016-02-08 12:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-10-08 20:59 - 2016-02-08 12:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-10-08 20:59 - 2016-02-08 11:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-08 20:59 - 2016-02-08 10:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-10-08 20:59 - 2016-02-08 10:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-08 20:59 - 2016-02-08 10:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-10-08 20:59 - 2016-02-08 10:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-08 20:59 - 2016-02-08 09:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-08 20:59 - 2016-02-08 09:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-10-08 20:59 - 2016-02-08 09:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-10-08 20:59 - 2016-02-08 09:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-08 20:59 - 2016-02-08 09:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-10-08 20:59 - 2016-02-08 09:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-10-08 20:59 - 2016-02-08 09:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-10-08 20:59 - 2016-02-08 09:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-10-08 20:59 - 2016-02-05 07:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-10-08 20:59 - 2016-02-03 08:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2016-10-08 20:59 - 2016-02-03 08:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-10-08 20:59 - 2016-02-02 10:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2016-10-08 20:59 - 2016-02-02 10:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2016-10-08 20:59 - 2016-02-02 10:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-10-08 20:59 - 2016-02-02 10:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2016-10-08 20:59 - 2016-02-02 09:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-08 20:59 - 2016-02-02 09:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-10-08 20:59 - 2016-02-02 09:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2016-10-08 20:59 - 2016-02-02 09:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-08 20:59 - 2016-02-02 09:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2016-10-08 20:59 - 2016-01-30 12:50 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-10-08 20:59 - 2016-01-30 12:00 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2016-10-08 20:59 - 2016-01-30 11:48 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-10-08 20:59 - 2016-01-30 11:18 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-10-08 20:59 - 2016-01-30 10:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2016-10-08 20:59 - 2016-01-30 10:41 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-10-08 20:59 - 2016-01-21 12:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-08 20:59 - 2016-01-21 11:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-08 20:59 - 2016-01-08 18:49 - 00218448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-10-08 20:59 - 2016-01-08 18:49 - 00192120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-10-08 20:59 - 2016-01-06 16:46 - 00148752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-10-08 20:59 - 2016-01-06 16:45 - 00177712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-10-08 20:59 - 2016-01-06 09:47 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-08 20:59 - 2015-09-02 19:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-08 20:59 - 2015-09-02 19:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-08 20:59 - 2015-08-28 15:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-10-08 20:59 - 2015-07-22 07:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2016-10-08 20:59 - 2015-07-22 06:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-08 20:59 - 2015-07-17 07:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-10-08 20:59 - 2015-07-17 07:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-10-08 20:59 - 2015-04-08 15:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2016-10-08 20:59 - 2015-04-02 17:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2016-10-08 20:59 - 2015-04-02 17:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2016-10-08 20:59 - 2015-04-01 15:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-10-08 20:59 - 2015-04-01 15:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-10-08 20:59 - 2015-03-31 20:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2016-10-08 20:59 - 2015-03-31 19:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2016-10-08 20:59 - 2015-03-19 18:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-08 20:59 - 2015-03-12 19:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2016-10-08 20:59 - 2015-03-12 18:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-10-08 20:59 - 2015-03-12 17:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-10-08 20:59 - 2015-03-03 18:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-10-08 20:59 - 2015-03-03 18:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-10-08 20:59 - 2015-01-29 20:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2016-10-08 20:59 - 2015-01-28 18:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2016-10-08 20:59 - 2015-01-28 18:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2016-10-08 20:59 - 2014-11-13 23:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2016-10-08 20:59 - 2014-11-07 19:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-10-08 20:59 - 2014-11-07 19:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-10-08 20:59 - 2014-11-04 18:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2016-10-08 20:59 - 2014-11-04 18:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2016-10-08 20:59 - 2014-11-04 12:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2016-10-08 20:59 - 2014-11-04 12:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2016-10-08 20:59 - 2014-11-03 23:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2016-10-08 20:59 - 2014-11-03 23:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2016-10-08 20:59 - 2014-11-03 23:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-10-08 20:59 - 2014-11-03 23:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2016-10-08 20:58 - 2016-09-08 14:51 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-10-08 20:58 - 2016-09-08 14:51 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-10-08 20:58 - 2016-08-22 09:06 - 00179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-10-08 20:58 - 2016-08-22 09:06 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-10-08 20:58 - 2016-08-20 18:03 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-10-08 20:58 - 2016-08-20 18:01 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-10-08 20:58 - 2016-08-20 18:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-10-08 20:58 - 2016-08-20 15:55 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-10-08 20:58 - 2016-08-14 12:34 - 01541248 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-08 20:58 - 2016-08-14 09:14 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-08 20:58 - 2016-08-13 00:40 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-08 20:58 - 2016-08-12 17:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-10-08 20:58 - 2016-07-09 09:10 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-10-08 20:58 - 2016-07-08 15:35 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2016-10-08 20:58 - 2016-07-08 07:17 - 00377344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-10-08 20:58 - 2016-07-08 07:17 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-10-08 20:58 - 2016-07-07 15:32 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2016-10-08 20:58 - 2016-07-07 15:18 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2016-10-08 20:58 - 2016-07-07 15:10 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-10-08 20:58 - 2016-07-07 15:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2016-10-08 20:58 - 2016-07-07 14:04 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2016-10-08 20:58 - 2016-07-07 13:59 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-10-08 20:58 - 2016-07-07 13:44 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-10-08 20:58 - 2016-07-07 13:41 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-10-08 20:58 - 2016-07-07 13:34 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-10-08 20:58 - 2016-07-07 13:29 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-10-08 20:58 - 2016-07-07 13:29 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-10-08 20:58 - 2016-07-07 13:23 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2016-10-08 20:58 - 2016-07-07 13:18 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-10-08 20:58 - 2016-07-07 13:11 - 01661064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-08 20:58 - 2016-07-07 13:11 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-08 20:58 - 2016-07-07 13:11 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2016-10-08 20:58 - 2016-07-07 12:35 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2016-10-08 20:58 - 2016-07-07 12:14 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-10-08 20:58 - 2016-07-03 22:09 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-10-08 20:58 - 2016-07-03 20:45 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2016-10-08 20:58 - 2016-07-03 20:33 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-10-08 20:58 - 2016-07-03 20:02 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-10-08 20:58 - 2016-07-03 19:19 - 03547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-10-08 20:58 - 2016-07-01 13:39 - 00197352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssenh.dll
2016-10-08 20:58 - 2016-07-01 13:39 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dssenh.dll
2016-10-08 20:58 - 2016-06-21 11:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2016-10-08 20:58 - 2016-06-21 07:12 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2016-10-08 20:58 - 2016-06-11 10:21 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-10-08 20:58 - 2016-05-18 16:18 - 00563024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-08 20:58 - 2016-05-18 16:18 - 00397232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-10-08 20:58 - 2016-05-18 16:16 - 00178016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-10-08 20:58 - 2016-05-18 15:28 - 00340880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-10-08 20:58 - 2016-03-14 09:50 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-10-08 20:58 - 2016-03-10 10:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsparse.dll
2016-10-08 20:58 - 2016-03-10 09:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-10-08 20:58 - 2016-03-10 09:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsparse.dll
2016-10-08 20:58 - 2016-03-05 10:44 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-10-08 20:58 - 2016-03-05 10:04 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-10-08 20:58 - 2016-02-04 11:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll
2016-10-08 20:58 - 2016-02-04 10:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll
2016-10-08 20:58 - 2016-01-31 10:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2016-10-08 20:58 - 2016-01-26 12:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-10-08 20:58 - 2016-01-21 22:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-10-08 20:58 - 2016-01-21 22:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-10-08 20:58 - 2016-01-20 15:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2016-10-08 20:58 - 2016-01-10 10:08 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-10-08 20:58 - 2016-01-10 09:41 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-10-08 20:58 - 2016-01-10 09:31 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-10-08 20:58 - 2015-12-30 13:49 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2016-10-08 20:58 - 2015-11-19 07:33 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2016-10-08 20:58 - 2015-11-19 07:26 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2016-10-08 20:58 - 2015-10-10 23:34 - 00468824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-10-08 20:58 - 2015-10-10 23:34 - 00462168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2016-10-08 20:58 - 2015-10-10 23:34 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2016-10-08 20:58 - 2015-10-10 23:34 - 00027992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2016-10-08 20:58 - 2015-10-10 11:41 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2016-10-08 20:58 - 2015-10-10 11:41 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2016-10-08 20:58 - 2015-10-10 11:40 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys
2016-10-08 20:58 - 2015-10-08 09:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2016-10-08 20:58 - 2015-10-08 08:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2016-10-08 20:58 - 2015-10-03 12:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-08 20:58 - 2015-10-03 12:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-10-08 20:58 - 2015-08-22 06:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-10-08 20:58 - 2015-08-06 10:05 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2016-10-08 20:58 - 2015-08-06 09:37 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2016-10-08 20:58 - 2015-07-14 14:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-08 20:58 - 2015-07-14 14:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2016-10-08 20:58 - 2015-07-14 14:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2016-10-08 20:58 - 2015-07-09 09:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-10-08 20:58 - 2015-05-12 06:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-10-08 20:58 - 2015-05-11 09:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-08 20:58 - 2015-05-03 08:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-10-08 20:58 - 2015-05-03 07:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-10-08 20:58 - 2015-05-03 07:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-10-08 20:58 - 2015-05-03 07:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-10-08 20:58 - 2015-04-24 19:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2016-10-08 20:58 - 2015-04-15 23:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-10-08 20:58 - 2015-04-13 15:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2016-10-08 20:58 - 2015-04-13 15:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2016-10-08 20:58 - 2015-04-09 17:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-10-08 20:58 - 2015-04-09 17:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-10-08 20:58 - 2015-03-31 21:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-10-08 20:58 - 2015-03-31 21:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-10-08 20:58 - 2015-03-31 21:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-10-08 20:58 - 2015-03-31 21:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2016-10-08 20:58 - 2015-03-31 20:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-10-08 20:58 - 2015-03-31 20:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-10-08 20:58 - 2015-03-31 20:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-10-08 20:58 - 2015-03-31 19:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-10-08 20:58 - 2015-03-31 19:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-10-08 20:58 - 2015-03-31 19:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-10-08 20:58 - 2015-03-31 19:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2016-10-08 20:58 - 2015-03-31 19:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-10-08 20:58 - 2015-03-31 19:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-10-08 20:58 - 2015-03-12 21:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-08 20:58 - 2015-03-12 21:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-08 20:58 - 2015-03-05 19:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-10-08 20:58 - 2015-02-02 17:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-08 20:58 - 2015-02-02 17:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-08 20:58 - 2015-01-29 19:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2016-10-08 20:58 - 2015-01-29 19:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2016-10-08 20:58 - 2015-01-29 19:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-10-08 20:58 - 2015-01-29 18:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2016-10-08 20:58 - 2015-01-29 18:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2016-10-08 20:58 - 2015-01-29 18:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-10-08 20:58 - 2015-01-29 18:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-10-08 20:58 - 2015-01-29 18:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-10-08 20:58 - 2015-01-29 18:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-10-08 20:58 - 2015-01-29 18:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-10-08 20:58 - 2015-01-29 18:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-10-08 20:58 - 2015-01-29 18:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-10-08 20:58 - 2015-01-27 19:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2016-10-08 20:58 - 2015-01-27 18:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2016-10-08 20:57 - 2016-03-11 17:49 - 02466136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-08 20:57 - 2016-03-11 17:47 - 00160160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2016-10-08 20:57 - 2016-03-11 17:47 - 00121912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2016-10-08 20:57 - 2015-07-16 11:58 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll
2016-10-08 20:57 - 2015-06-11 13:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-08 20:57 - 2015-04-28 06:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-10-08 20:57 - 2015-04-28 06:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2016-10-08 20:56 - 2016-01-05 08:00 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-08 20:56 - 2015-10-05 11:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-10-08 20:45 - 2015-12-20 07:56 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2016-10-08 20:45 - 2015-03-05 20:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-10-08 20:45 - 2015-03-05 19:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-10-08 20:44 - 2015-04-23 08:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-10-08 20:44 - 2015-04-23 08:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-10-08 20:43 - 2016-08-11 09:26 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-10-08 20:43 - 2016-08-11 09:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-10-08 20:43 - 2016-08-11 09:16 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-10-08 20:43 - 2015-02-07 16:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-10-08 20:43 - 2015-02-07 16:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-10-08 20:43 - 2014-12-10 22:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2016-10-07 21:37 - 2016-10-07 21:37 - 00000000 ____D C:\ProgramData\Webitar Production Inc
2016-09-30 12:47 - 2016-09-30 21:12 - 00000678 _____ C:\Users\ttwebb\Desktop\Craigslist.txt
2016-09-29 19:24 - 2016-09-29 19:24 - 00000000 _____ C:\Users\ttwebb\Desktop\New Text Document (2).txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-26 21:00 - 2015-11-03 22:22 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-608214363-481693584-3176531325-1002
2016-10-26 20:23 - 2016-03-02 16:07 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-608214363-481693584-3176531325-1002UA.job
2016-10-26 20:19 - 2016-02-04 02:57 - 00000000 ____D C:\Users\ttwebb\.thinkorswim
2016-10-26 20:19 - 2016-02-04 02:57 - 00000000 ____D C:\Program Files\thinkorswim
2016-10-26 20:11 - 2014-11-21 01:44 - 00006428 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-26 13:40 - 2015-11-03 22:16 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{047B1C39-827B-404F-B32E-FDFD2B191B8F}
2016-10-24 16:57 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Inf
2016-10-24 16:23 - 2016-03-02 16:07 - 00000872 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-608214363-481693584-3176531325-1002Core.job
2016-10-24 00:24 - 2016-09-12 16:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-22 19:32 - 2015-12-08 12:13 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-20 22:33 - 2015-12-06 23:46 - 00000000 ____D C:\Users\ttwebb\AppData\Roaming\vlc
2016-10-19 07:45 - 2015-11-03 22:47 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-10-15 23:19 - 2016-03-02 16:04 - 00000000 __SHD C:\Users\ttwebb\AppData\Local\EmieUserList
2016-10-15 23:19 - 2016-03-02 16:04 - 00000000 __SHD C:\Users\ttwebb\AppData\Local\EmieSiteList
2016-10-15 23:18 - 2016-03-02 16:05 - 00000000 __SHD C:\Users\ttwebb\AppData\LocalLow\EmieUserList
2016-10-15 23:18 - 2016-03-02 16:04 - 00000000 __SHD C:\Users\ttwebb\AppData\LocalLow\EmieSiteList
2016-10-13 20:55 - 2016-09-23 21:51 - 00000000 ____D C:\Users\ttwebb\Downloads\Direct mail
2016-10-12 11:33 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\rescache
2016-10-12 10:55 - 2015-11-03 22:47 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-10-12 10:44 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-12 10:42 - 2016-05-02 20:46 - 00000923 _____ C:\WINDOWS\wininit.ini
2016-10-12 10:20 - 2013-08-22 07:44 - 00346744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-12 02:14 - 2014-11-21 08:56 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-10-12 02:14 - 2013-08-22 08:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-10-11 22:16 - 2016-09-23 13:47 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-11 22:15 - 2016-09-23 13:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-11 21:18 - 2012-07-26 00:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-11 21:17 - 2015-11-25 01:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-11 21:15 - 2015-11-25 01:02 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-11 00:03 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppCompat
2016-10-10 23:26 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-10-10 21:29 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-10-10 21:28 - 2013-08-22 08:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-10 21:28 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-10-08 22:17 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\WinStore
2016-10-08 22:17 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-10-08 22:17 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-10-08 22:17 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-08 22:17 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-10-08 20:16 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-10-07 21:38 - 2016-09-12 16:47 - 00001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-07 21:38 - 2016-02-19 22:43 - 00001537 _____ C:\Users\ttwebb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-07 21:38 - 2016-01-07 00:06 - 00001278 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-26 00:27 - 2016-09-25 20:12 - 00000826 _____ C:\Users\ttwebb\Desktop\77096 neiborhoods.txt
2016-09-26 00:27 - 2016-09-25 18:41 - 00000656 _____ C:\Users\ttwebb\Desktop\test.txt
Some files in TEMP:
====================
C:\Users\ttwebb\AppData\Local\Temp\i4jdel0.exe
C:\Users\ttwebb\AppData\Local\Temp\SIntf16.dll
C:\Users\ttwebb\AppData\Local\Temp\SIntf32.dll
C:\Users\ttwebb\AppData\Local\Temp\SIntfNT.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-20 15:51
==================== End of FRST.txt ============================
000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2016-10-26 22:33:33
-----------------------------
22:33:33.562 OS Version: Windows x64 6.2.9200
22:33:33.562 Number of processors: 4 586 0x1301
22:33:33.563 ComputerName: TYLER UserName:
22:33:34.514 Initialize success
22:33:34.517 VM: initialized successfully
22:33:34.518 VM: Amd CPU BiosDisabled
22:33:44.573 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002b
22:33:44.577 Disk 0 Vendor: HGST_HTS541075A9E680 JA2OA590 Size: 715404MB BusType: 11
22:33:44.676 Disk 0 MBR read successfully
22:33:44.681 Disk 0 MBR scan
22:33:44.687 Disk 0 unknown MBR code
22:33:44.694 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
22:33:44.781 Disk 0 scanning C:\WINDOWS\system32\drivers
22:33:51.816 Service scanning
22:34:14.509 Modules scanning
22:34:14.516 Disk 0 trace - called modules:
22:34:14.532 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys amdxata.sys storport.sys hal.dll amdsata.sys
22:34:14.536 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe001c36a3060]
22:34:14.543 3 CLASSPNP.SYS[fffff8018b802170] -> nt!IofCallDriver -> [0xffffe001c36a4920]
22:34:14.549 5 hpdskflt.sys[fffff8018bdd242b] -> nt!IofCallDriver -> [0xffffe001c2cc12e0]
22:34:14.554 7 amdxata.sys[fffff8018b3496b4] -> nt!IofCallDriver -> \Device\0000002b[0xffffe001c2c8f060]
22:34:14.559 Disk 0 statistics 113005/0/0 @ 7.92 MB/s
22:34:14.565 Scan finished successfully
22:38:11.870 Disk 0 MBR has been saved successfully to "C:\Users\ttwebb\Desktop\MBR.dat"
22:38:11.880 The log file has been saved successfully to "C:\Users\ttwebb\Desktop\aswMBR.txt"
Last edited by tashi; 2016-10-27 at 07:57.
Reason: Removed email address for your own protection against spam bots. ;-)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
