Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Reply
 
Topic Tools
  #1  
Old December 24th, 2016, 11:01 PM
bot96 bot96 is offline
Senior Member
 
Join Date: Jun 2012
Posts: 186
Infected copy of c:\windows\SysWow64\userinit.exe was found

Infected copy of c:\windows\SysWow64\userinit.exe was found. This is what I found today on my computer. I could tell computer acting slow. what is this and how can I get rid of it. Thanks to all.
Reply With Quote


  #2  
Old December 24th, 2016, 11:37 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,085
Howdy bot96,

What said that file was infected? Post back on that, and let's start checking things.


To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types"


If you know how, it's best to disable your antivirus while doing these steps.


Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Reply With Quote
  #3  
Old December 25th, 2016, 12:07 AM
bot96 bot96 is offline
Senior Member
 
Join Date: Jun 2012
Posts: 186
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Bill (24-12-2016 18:01:27)
Running from C:\Users\Bill\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-12-18 18:32:59)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-1364415001-709502287-1688005167-500 - Administrator - Disabled)
Bill (S-1-5-21-1364415001-709502287-1688005167-1001 - Administrator - Enabled) => C:\Users\Bill
Guest (S-1-5-21-1364415001-709502287-1688005167-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1364415001-709502287-1688005167-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Advanced Spyware Remover (HKLM-x32\...\Advanced Spyware Remover_is1) (Version: 2.0 - IObit)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 2.0.0.27 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avery Design & Print (HKLM-x32\...\Avery Design & Print 3.0.2) (Version: 3.0.2 - Avery Products Corporation)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.20(T) - TOSHIBA CORPORATION)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
ETDWare PS/2-X64 11.8.20.3_WHQL (HKLM\...\Elantech) (Version: 11.8.20.3 - ELAN Microelectronic Corp.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
HP ENVY 4500 series Basic Device Software (HKLM\...\{6915424E-704F-4F5D-9057-9C7B406B36DB}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Jack of All Tribes (x32 Version: 2.2.0.97 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes version 3.0.4.1269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.4.1269 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickBooks (x32 Version: 24.0.4010.2403 - Intuit Inc.) Hidden
QuickBooks Pro 2014 (HKLM-x32\...\{4A21D17E-2FE8-42CD-88B7-ACF8E8860834}) (Version: 24.0.4010.2403 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29073 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.78.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
RogueKiller version 12.8.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.8.6.0 - Adlice Software)
Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Audio Enhancement (HKLM\...\{F2DE0088-CF05-4DAB-AC4D-9D2C4D657456}) (Version: 1.0.2.13 - Toshiba Corporation)
TOSHIBA Battery Manager (HKLM\...\{5D1FDAAD-7037-4D83-8CA8-39D92F91E73E}) (Version: 9.0.5.64 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.13 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{F5AFF327-9B52-4E96-B5A0-BD2488A8EEC9}) (Version: 1.4.5.64 - Toshiba Corporation)
TOSHIBA Flash Cards (HKLM\...\{F5D089A2-3E02-4471-AA04-3C7B87A60BD4}) (Version: 9.0.5.6401 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.15C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.1.55C - TOSHIBA CORPORATION)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.15 - TOSHIBA Corporation)
TOSHIBA PC Diagnostic Tool (HKLM-x32\...\{F0794FA5-1809-4FC3-AA4E-48061281B5A2}) (Version: 9.0.3.6400 - Toshiba Corporation)
TOSHIBA Power Saver (HKLM\...\{4573FA6D-5FC1-4CA0-8D90-BAF9325B28ED}) (Version: 9.0.2.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.9.52040013 - Toshiba Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.51.14C - TOSHIBA CORPORATION)
TOSHIBA System Driver (HKLM\...\{46754F5B-B496-4BCA-87E5-84ACF27FCE0F}) (Version: 9.0.3.6401 - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.0.1 - TOSHIBA)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Utility Common Driver (x32 Version: 1.0.52.6 - TOSHIBA) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.20 - WildTangent) Hidden
WPS Office (10.2.0.5811) (HKU\S-1-5-21-1364415001-709502287-1688005167-1001\...\Kingsoft Office) (Version: 10.2.0.5811 - Kingsoft Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E582E0E-37B3-4956-9190-3AE705735EB6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-12-18] (AVAST Software)
Task: {4F3A79FD-3810-468E-B2A6-A26BB2EF26CE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-12-18] (AVAST Software)
Task: {685D81D3-A4CC-46A7-AF94-1B10BD60A775} - System32\Tasks\WpsUpdateTask_Bill => C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\wtoolex\wpsupdate.exe [2016-12-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {80A16D6A-7B27-4952-A5E8-8F1175F5D612} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {8D797883-7068-447C-BC6F-00634AD40BFD} - System32\Tasks\WpsExternal_Bill_20161218210850 => C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2016-12-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {D03D5E60-159F-4118-9BB8-99788B925846} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor)
Task: {D8EFBA13-95B1-47A8-8A54-2134A92B7F4C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2016-12-18] (Adobe Systems Incorporated)
Task: {DDCA412B-74CE-40CA-908F-745DBA85F060} - System32\Tasks\WpsKtpcntrQingTask_Bill => C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\ktpcntr.exe [2016-12-18] (Zhuhai Kingsoft Office Software Co.,Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
Task: C:\windows\Tasks\WpsExternal_Bill_20161218210850.j ob => C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe~/wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll
Task: C:\windows\Tasks\WpsKtpcntrQingTask_Bill.job => C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\ktpcntr.exeqing 10.2.0.5811 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads
Task: C:\windows\Tasks\WpsUpdateTask_Bill.job => C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\wtoolex\wpsupdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2011-08-22 17:19 - 2011-08-22 17:19 - 11204992 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2016-12-18 13:57 - 2016-12-18 13:57 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-12-24 14:34 - 2016-12-24 14:34 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\16122403\algo.dll
2016-12-18 13:57 - 2016-12-18 13:57 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-12-18 13:57 - 2016-12-18 13:57 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-12-18 14:35 - 2013-12-10 10:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-12-18 21:08 - 2016-12-18 21:07 - 00058112 _____ () C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\krpt.dll
2016-12-18 21:08 - 2016-12-18 21:07 - 09077504 _____ () C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\QtCore4.dll
2016-12-18 21:08 - 2016-12-18 21:08 - 00196352 _____ () C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\wpscloudsvrimp.dll
2016-12-18 21:08 - 2016-12-18 21:07 - 00904448 _____ () C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\QtNetwork4.dll
2016-12-18 21:08 - 2016-12-18 21:07 - 11433216 _____ () C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\QtWebKit4.dll
2016-12-18 21:08 - 2016-12-18 21:07 - 00248064 _____ () C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\phonon4.dll
2016-12-18 21:08 - 2016-12-18 21:07 - 00274688 _____ () C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\curls.dll
2016-12-18 21:08 - 2016-12-18 21:07 - 00150272 _____ () C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\addons\kpluginrunner\kp luginrunner.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2016-12-24 14:34 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1364415001-709502287-1688005167-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Th emes\TranscodedWallpaper.jpg
DNS Servers: 192.168.169.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{85E1325F-1DC6-4FAF-95BD-AB44BE07DB49}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0BCA2E9C-67F5-4AF0-B34C-376480EDF126}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81FF9947-40A5-459E-84B0-D0591BE992D9}] => C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{4EA3CEB6-ACF5-4BAC-A764-32CE378C9B9F}] => LPort=5357
FirewallRules: [{C89A7998-9CAF-428C-B56A-E91BA025C12B}] => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe

==================== Restore Points =========================

18-12-2016 22:39:12 Windows Update
19-12-2016 17:31:51 Windows Update
19-12-2016 17:51:47 Windows Update
19-12-2016 18:04:56 Windows Anytime Upgrade
19-12-2016 18:07:50 Windows Modules Installer
19-12-2016 18:20:27 Windows Update
20-12-2016 19:45:57 Installed Adobe Reader XI.
20-12-2016 19:54:43 JRT Pre-Junkware Removal
20-12-2016 20:21:55 JRT Pre-Junkware Removal
20-12-2016 21:43:04 Windows Update
22-12-2016 19:00:10 JRT Pre-Junkware Removal
23-12-2016 18:37:46 Windows Update
23-12-2016 19:14:52 JRT Pre-Junkware Removal
24-12-2016 15:30:27 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/24/2016 03:26:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/24/2016 03:25:37 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Runtime.Serialization.SerializationExceptio n: There was an error deserializing the object of type SnappCloud.ActivationReminder.Models.InitClientRes ponse. Encountered unexpected character '<'.
Stack Trace:
at System.Runtime.Serialization.XmlObjectSerializer.R eadObjectHandleExceptions(XmlReaderDelegator reader, Boolean verifyObjectName)
at System.Runtime.Serialization.Json.DataContractJson Serializer.ReadObject(XmlDictionaryReader reader)
at System.Runtime.Serialization.Json.DataContractJson Serializer.ReadObject(Stream stream)
at SnappCloud.ActivationReminder.AraClient.Deserializ eJson[T](String json)
at SnappCloud.ActivationReminder.AraClient.GetRespons eCallback[T](IAsyncResult result)

Error: (12/24/2016 03:23:12 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\windows\servicing\TrustedInstaller.exe; Description = Windows Modules Installer; Error = 0x8007043c).

Error: (12/24/2016 03:21:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/24/2016 02:35:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/24/2016 12:35:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/24/2016 12:35:08 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The server committed a protocol violation. Section=ResponseHeader Detail=CR must be followed by LF
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncRes ult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetRespons eCallback[T](IAsyncResult result)

Error: (12/24/2016 07:34:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/24/2016 07:34:22 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Net.WebException: The server committed a protocol violation. Section=ResponseHeader Detail=CR must be followed by LF
Error Data:
(no response)
Stack Trace:
at System.Net.HttpWebRequest.EndGetResponse(IAsyncRes ult asyncResult)
at SnappCloud.ActivationReminder.AraClient.GetRespons eCallback[T](IAsyncResult result)

Error: (12/23/2016 06:42:44 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.Runtime.Serialization.SerializationExceptio n: There was an error deserializing the object of type SnappCloud.ActivationReminder.Models.InitClientRes ponse. Encountered unexpected character '<'.
Stack Trace:
at System.Runtime.Serialization.XmlObjectSerializer.R eadObjectHandleExceptions(XmlReaderDelegator reader, Boolean verifyObjectName)
at System.Runtime.Serialization.Json.DataContractJson Serializer.ReadObject(XmlDictionaryReader reader)
at System.Runtime.Serialization.Json.DataContractJson Serializer.ReadObject(Stream stream)
at SnappCloud.ActivationReminder.AraClient.Deserializ eJson[T](String json)
at SnappCloud.ActivationReminder.AraClient.GetRespons eCallback[T](IAsyncResult result)


System errors:
=============
Error: (12/24/2016 03:23:24 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server:
{0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}

Error: (12/24/2016 03:21:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (12/24/2016 03:21:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (12/24/2016 03:21:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (12/24/2016 03:20:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (12/24/2016 03:20:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (12/24/2016 03:20:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (12/24/2016 03:20:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (12/24/2016 03:20:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (12/24/2016 03:20:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.


CodeIntegrity:
===================================
Date: 2016-12-20 20:11:27.335
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Bill\AppData\Local\T emp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-20 20:11:27.304
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Bill\AppData\Local\T emp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 38%
Total physical RAM: 6031.24 MB
Available physical RAM: 3697.78 MB
Total Virtual: 12060.66 MB
Available Virtual: 10488.15 MB

==================== Drives ================================

Drive c: (TI10695800D) (Fixed) (Total:687.55 GB) (Free:639.64 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 26C92761)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=687.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.6 GB) - (Type=17)

==================== End of Addition.txt ============================
Reply With Quote
  #4  
Old December 25th, 2016, 12:09 AM
bot96 bot96 is offline
Senior Member
 
Join Date: Jun 2012
Posts: 186
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Bill (administrator) on BILL-PC (24-12-2016 18:00:44)
Running from C:\Users\Bill\Downloads
Loaded Profiles: Bill (Available Profiles: Bill)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\wpscloudsvr.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\10.2.0.5811\office6\ktpcntr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3244360 2014-03-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2853968 2014-02-25] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [595840 2012-03-02] ()
HKLM\...\Run: [BatteryManager] => C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.exe [287104 2014-04-16] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1604168 2013-11-26] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [711040 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [1957888 2014-03-18] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2011-03-10] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-18] (AVAST Software)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3776824 2015-11-03] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-10-01] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-18] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2016-12-18]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2016-12-18]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2016-12-18]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2014\QBW32.EXE (Intuit Inc.)
Startup: C:\Users\Bill\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\Monitor Ink Alerts - HP ENVY 4500 series.lnk [2016-12-24]
ShortcutTarget: Monitor Ink Alerts - HP ENVY 4500 series.lnk -> C:\Program Files\HP\HP ENVY 4500 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.169.1
Tcpip\..\Interfaces\{9AFE71A6-84FA-4D6A-95C4-E69E148150B7}: [DhcpNameServer] 192.168.169.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1364415001-709502287-1688005167-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1364415001-709502287-1688005167-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1364415001-709502287-1688005167-1001 -> DefaultScope {B5DFE89E-1271-4D5D-BA42-7B87E9DBD8C4} URL =
Handler-x32: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - C:\Program Files (x86)\Intuit\QuickBooks 2014\HelpAsyncPluggableProtocol.dll [2015-11-04] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: q7ifpj3d.default
FF ProfilePath: C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Prof iles\q7ifpj3d.default [2016-12-24]
FF Homepage: Mozilla\Firefox\Profiles\q7ifpj3d.default -> hxxps://classic.startpage.com/
FF Extension: (Disconnect) - C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Prof iles\q7ifpj3d.default\Extensions\2.0@disconnect.me .xpi [2016-12-24]
FF Extension: (NoScript) - C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Prof iles\q7ifpj3d.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-12-18]
FF Extension: (Adblock Plus) - C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Prof iles\q7ifpj3d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_ 186.dll [2016-12-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_ 186.dll [2016-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp .dll [2013-08-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ASRservice; C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRsrv.exe [697104 2009-12-10] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-18] (AVAST Software)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-25] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2015-11-04] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS. exe [65536 2015-11-03] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2015-11-03] (Intuit Inc.) [File not signed]
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Secunia)
S3 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [837848 2016-02-02] (Secunia)
S4 SymSilent; C:\Program Files (x86)\SymSilent\SymSilent.exe [1061296 2016-12-18] (Symantec Corporation)
S4 taisregispinger; C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger .exe [2186240 2012-04-25] (Toshiba America Information Systems.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 wpscloudsvr; C:\Users\Bill\AppData\Local\Kingsoft\WPS Office\wpscloudsvr.exe [173824 2016-12-18] (Zhuhai Kingsoft Office Software Co.,Ltd)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [37656 2016-12-18] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [108816 2016-12-18] (AVAST Software)
S3 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [103064 2016-12-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-18] (AVAST Software)
S3 aswSnx; C:\windows\system32\drivers\aswSnx.sys [969184 2016-12-18] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [513632 2016-12-18] (AVAST Software)
S3 aswStm; C:\windows\system32\drivers\aswStm.sys [163416 2016-12-18] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-18] (AVAST Software)
R3 ETDSMBus; C:\windows\System32\DRIVERS\ETDSMBus.sys [24904 2014-02-06] (ELAN Microelectronic Corp.)
R0 iaStorF; C:\windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
S3 MBAMProtection; C:\windows\system32\drivers\mbam.sys [43968 2016-12-18] (Malwarebytes)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [250816 2016-12-18] (Malwarebytes)
S3 MBAMWebProtection; C:\windows\system32\drivers\mwac.sys [81696 2016-12-18] (Malwarebytes)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S3 PSI; C:\windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia)
R3 RSP2STOR; C:\windows\System32\DRIVERS\RtsP2Stor.sys [291032 2013-11-22] (Realtek Semiconductor Corp.)
S3 Tosrfcom; no ImagePath
S3 catchme; \??\C:\Users\Bill\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-24 18:00 - 2016-12-24 18:01 - 00014450 _____ C:\Users\Bill\Downloads\FRST.txt
2016-12-24 17:59 - 2016-12-24 18:00 - 00000000 ____D C:\FRST
2016-12-24 17:58 - 2016-12-24 17:59 - 02420736 _____ (Farbar) C:\Users\Bill\Downloads\FRST64.exe
2016-12-24 17:20 - 2016-12-24 17:20 - 00110331 _____ C:\Users\Bill\Documents\Cover Page.pdf
2016-12-24 17:19 - 2016-12-24 17:19 - 00351019 _____ C:\Users\Bill\Documents\Sentara Hospital 12.pdf
2016-12-24 17:18 - 2016-12-24 17:18 - 00313784 _____ C:\Users\Bill\Documents\Sentara Hospital 11.pdf
2016-12-24 17:17 - 2016-12-24 17:17 - 00365343 _____ C:\Users\Bill\Documents\Sentara Hospital 10.pdf
2016-12-24 17:16 - 2016-12-24 17:16 - 00472445 _____ C:\Users\Bill\Documents\Sentara Hospital 8.pdf
2016-12-24 17:16 - 2016-12-24 17:16 - 00354504 _____ C:\Users\Bill\Documents\Sentara Hospital 9.pdf
2016-12-24 17:15 - 2016-12-24 17:15 - 00219254 _____ C:\Users\Bill\Documents\Sentara Hospital 7.pdf
2016-12-24 17:14 - 2016-12-24 17:14 - 00347788 _____ C:\Users\Bill\Documents\Sentara Hospital 6.pdf
2016-12-24 17:13 - 2016-12-24 17:13 - 00364636 _____ C:\Users\Bill\Documents\Sentara Hospital 5.pdf
2016-12-24 17:12 - 2016-12-24 17:12 - 00423992 _____ C:\Users\Bill\Documents\Sentara Hospital 3.pdf
2016-12-24 17:12 - 2016-12-24 17:12 - 00365560 _____ C:\Users\Bill\Documents\Sentara Hospital 4.pdf
2016-12-24 17:11 - 2016-12-24 17:11 - 00286707 _____ C:\Users\Bill\Documents\Sentara Hospital 2.pdf
2016-12-24 17:10 - 2016-12-24 17:10 - 00422542 _____ C:\Users\Bill\Documents\Sentara Hospital.pdf
2016-12-24 17:08 - 2016-12-24 17:08 - 00508617 _____ C:\Users\Bill\Documents\Police Report 3.pdf
2016-12-24 17:07 - 2016-12-24 17:07 - 00545444 _____ C:\Users\Bill\Documents\Police Report 2.pdf
2016-12-24 17:05 - 2016-12-24 17:05 - 00441644 _____ C:\Users\Bill\Documents\Police Report.pdf
2016-12-24 15:51 - 2016-12-24 15:51 - 00028272 _____ C:\windows\system32\Drivers\TrueSight.sys
2016-12-24 15:50 - 2016-12-24 16:55 - 00000000 ____D C:\ProgramData\RogueKiller
2016-12-24 15:50 - 2016-12-24 15:50 - 00000869 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-12-24 15:50 - 2016-12-24 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-12-24 15:50 - 2016-12-24 15:50 - 00000000 ____D C:\Program Files\RogueKiller
2016-12-24 15:49 - 2016-12-24 15:50 - 34221208 _____ (Adlice Software ) C:\Users\Bill\Downloads\setup.exe
2016-12-24 15:19 - 2016-12-24 15:19 - 00103088 _____ C:\windows\ntbtlog.txt
2016-12-24 14:39 - 2016-12-24 14:39 - 00031454 _____ C:\ComboFix.txt
2016-12-23 18:38 - 2016-12-23 18:38 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_ICCWDT_010 09.Wdf
2016-12-22 18:43 - 2016-12-22 18:43 - 00000000 ____D C:\Users\Bill\AppData\Local\Apps\2.0
2016-12-22 18:36 - 2016-12-22 18:36 - 00000000 ____D C:\Users\Bill\AppData\LocalLow\Adobe
2016-12-22 18:20 - 2016-12-22 18:21 - 00051513 _____ C:\Users\Bill\Documents\126 Bald Eagle inside trim..pdf
2016-12-22 18:20 - 2016-12-22 18:20 - 00000000 ____D C:\Users\Bill\AppData\LocalLow\Temp
2016-12-20 21:48 - 2016-12-20 21:48 - 00000490 _____ C:\Users\Bill\Downloads\notification_area_cleaner_ 1.zip
2016-12-20 21:16 - 2016-12-20 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Spyware Remover
2016-12-20 21:15 - 2016-12-20 21:15 - 09776496 _____ (IObit ) C:\Users\Bill\Downloads\AdvancedSpywareRemoverSetu p.exe
2016-12-20 20:48 - 2016-12-20 20:48 - 01496584 _____ C:\Users\Bill\Downloads\spybot-search-destroy.exe
2016-12-20 20:05 - 2016-12-24 14:39 - 00000000 ____D C:\Qoobox
2016-12-20 20:05 - 2016-12-24 14:34 - 00000000 ____D C:\windows\erdnt
2016-12-20 20:05 - 2011-06-26 01:45 - 00256000 _____ C:\windows\PEV.exe
2016-12-20 20:05 - 2010-11-07 12:20 - 00208896 _____ C:\windows\MBR.exe
2016-12-20 20:05 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2016-12-20 20:05 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2016-12-20 20:05 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2016-12-20 20:05 - 2000-08-30 19:00 - 00098816 _____ C:\windows\sed.exe
2016-12-20 20:05 - 2000-08-30 19:00 - 00080412 _____ C:\windows\grep.exe
2016-12-20 20:05 - 2000-08-30 19:00 - 00068096 _____ C:\windows\zip.exe
2016-12-20 20:04 - 2016-12-20 20:04 - 05659917 ____R (Swearware) C:\Users\Bill\Downloads\ComboFix.exe
2016-12-20 19:46 - 2016-12-22 18:47 - 00000000 ____D C:\ProgramData\Adobe
2016-12-19 18:24 - 2016-12-19 18:24 - 00000000 ____D C:\windows\CSC
2016-12-19 18:17 - 2015-07-16 14:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2016-12-19 18:17 - 2015-07-16 14:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2016-12-19 18:17 - 2015-07-16 14:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2016-12-19 18:17 - 2015-07-16 14:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2016-12-19 18:17 - 2015-07-16 14:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2016-12-19 18:17 - 2015-07-16 14:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2016-12-19 18:17 - 2015-07-11 08:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2016-12-19 18:16 - 2016-05-13 17:09 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-12-19 18:16 - 2016-05-13 17:09 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-12-19 18:16 - 2016-05-13 17:09 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-12-19 18:16 - 2016-05-13 17:07 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2016-12-19 18:16 - 2016-05-13 16:55 - 02607104 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-12-19 18:16 - 2016-05-13 16:53 - 00709120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-12-19 18:16 - 2016-05-13 16:53 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-12-19 18:16 - 2016-05-13 16:52 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-12-19 18:16 - 2016-05-13 16:52 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-12-19 18:16 - 2016-05-13 16:52 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-12-19 18:16 - 2016-05-13 16:52 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2016-12-19 18:16 - 2016-05-13 16:50 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-12-19 18:16 - 2016-05-13 16:38 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-12-19 18:16 - 2016-05-13 16:38 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-12-19 18:16 - 2016-05-13 16:38 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-12-19 18:16 - 2016-05-13 16:38 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-12-19 18:16 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2016-12-19 18:16 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2016-12-19 18:16 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2016-12-19 18:16 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2016-12-19 18:16 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2016-12-19 18:16 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2016-12-19 18:16 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2016-12-19 18:16 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2016-12-19 18:16 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2016-12-19 18:16 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2016-12-19 18:15 - 2016-05-12 10:18 - 00090624 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2016-12-19 18:11 - 2009-06-10 15:30 - 00053551 _____ C:\windows\Professional.xml
2016-12-19 17:49 - 2015-12-20 13:50 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-12-19 17:49 - 2015-12-20 13:50 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2016-12-19 17:49 - 2015-12-20 09:08 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2016-12-18 22:37 - 2016-08-16 15:40 - 00343552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2016-12-18 22:37 - 2016-08-16 15:40 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2016-12-18 22:37 - 2016-08-16 15:40 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2016-12-18 22:37 - 2016-08-16 15:40 - 00056320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2016-12-18 22:37 - 2016-08-16 15:40 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2016-12-18 22:37 - 2016-08-16 15:40 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2016-12-18 22:37 - 2016-08-16 15:40 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2016-12-18 22:37 - 2014-12-11 12:47 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2016-12-18 21:58 - 2016-12-18 21:58 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-12-18 21:38 - 2016-12-20 21:16 - 00000000 ____D C:\ProgramData\IObit
2016-12-18 21:38 - 2016-12-20 21:16 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-18 21:38 - 2016-12-18 21:57 - 00000000 ____D C:\Users\Bill\AppData\Roaming\IObit
2016-12-18 21:38 - 2016-12-18 21:38 - 00000000 ____D C:\Users\Bill\AppData\LocalLow\IObit
2016-12-18 21:38 - 2016-02-25 18:40 - 00035696 _____ (IObit) C:\windows\system32\SmartDefragBootTime.exe
2016-12-18 21:38 - 2016-01-13 18:23 - 00125216 _____ (IObit) C:\windows\system32\IObitSmartDefragExtension.dll
2016-12-18 21:26 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2016-12-18 21:26 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyCon trol.exe
2016-12-18 21:26 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExt ension.dll
2016-12-18 21:26 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2016-12-18 21:26 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2016-12-18 21:26 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2016-12-18 21:26 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2016-12-18 21:26 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2016-12-18 21:26 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2016-12-18 21:26 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2016-12-18 21:21 - 2016-12-18 21:24 - 00000000 ____D C:\windows\system32\MRT
2016-12-18 21:20 - 2016-12-18 21:20 - 135632432 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-12-18 21:19 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2016-12-18 21:19 - 2012-08-23 09:08 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbGD.sys
2016-12-18 21:19 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2016-12-18 21:19 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2016-12-18 21:16 - 2015-08-05 12:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll
2016-12-18 21:16 - 2015-08-05 12:06 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-12-18 21:14 - 2015-12-16 13:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2016-12-18 21:14 - 2015-12-16 13:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2016-12-18 21:14 - 2015-12-16 13:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2016-12-18 21:14 - 2015-12-16 13:48 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2016-12-18 21:14 - 2015-12-16 13:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2016-12-18 21:14 - 2015-12-16 13:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2016-12-18 21:08 - 2016-12-24 17:37 - 00000702 _____ C:\windows\Tasks\WpsKtpcntrQingTask_Bill.job
2016-12-18 21:08 - 2016-12-24 17:26 - 00000386 _____ C:\windows\Tasks\WpsUpdateTask_Bill.job
2016-12-18 21:08 - 2016-12-24 17:15 - 00000580 _____ C:\windows\Tasks\WpsExternal_Bill_20161218210850.j ob
2016-12-18 21:08 - 2016-12-18 21:08 - 00003620 _____ C:\windows\System32\Tasks\WpsKtpcntrQingTask_Bill
2016-12-18 21:08 - 2016-12-18 21:08 - 00003562 _____ C:\windows\System32\Tasks\WpsExternal_Bill_2016121 8210850
2016-12-18 21:08 - 2016-12-18 21:08 - 00003368 _____ C:\windows\System32\Tasks\WpsUpdateTask_Bill
2016-12-18 21:08 - 2016-12-18 21:08 - 00002363 _____ C:\Users\Bill\Desktop\WPS Writer.lnk
2016-12-18 21:08 - 2016-12-18 21:08 - 00002345 _____ C:\Users\Bill\Desktop\WPS Spreadsheets.lnk
2016-12-18 21:08 - 2016-12-18 21:08 - 00000000 ____D C:\Users\Bill\AppData\Roaming\wps
2016-12-18 21:08 - 2016-12-18 21:08 - 00000000 ____D C:\Users\Bill\AppData\Roaming\office6
2016-12-18 21:08 - 2016-12-18 21:08 - 00000000 ____D C:\Users\Bill\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\WPS Office
2016-12-18 21:07 - 2016-12-18 21:08 - 00000000 ____D C:\Users\Bill\AppData\Roaming\kingsoft
2016-12-18 21:07 - 2016-12-18 21:08 - 00000000 ____D C:\ProgramData\kingsoft
2016-12-18 21:07 - 2016-12-18 21:07 - 00000000 ____D C:\Users\Bill\AppData\Local\Kingsoft
2016-12-18 21:03 - 2016-12-18 21:03 - 00002093 _____ C:\Users\Public\Desktop\Design&Print.lnk
2016-12-18 21:03 - 2016-12-18 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Products
2016-12-18 21:00 - 2016-12-18 21:03 - 00000000 ____D C:\Program Files (x86)\Design&Print
2016-12-18 20:57 - 2016-12-18 20:58 - 469859160 _____ (Avery Products Corporation) C:\Users\Bill\Downloads\DesignPrint-3.0.2.exe
2016-12-18 20:54 - 2016-12-18 20:54 - 00001080 _____ C:\Users\Bill\Desktop\Secunia PSI.lnk
2016-12-18 20:48 - 2016-12-18 20:48 - 00000000 ____D C:\ProgramData\SoftMaker
2016-12-18 20:46 - 2016-12-18 20:52 - 00000000 ____D C:\Users\Bill\AppData\Roaming\SoftMaker
2016-12-18 20:46 - 2016-12-18 20:51 - 00000000 ____D C:\Users\Bill\Documents\SoftMaker
2016-12-18 20:27 - 2016-12-18 22:29 - 00250816 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-18 20:27 - 2016-12-18 22:29 - 00102856 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2016-12-18 20:27 - 2016-12-18 22:29 - 00081696 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2016-12-18 20:27 - 2016-12-18 22:29 - 00043968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-12-18 20:27 - 2016-12-18 20:27 - 00176064 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMChameleon.sys
2016-12-18 20:27 - 2016-12-18 20:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-18 20:27 - 2016-12-18 20:27 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-18 20:27 - 2016-11-29 06:27 - 00077408 _____ C:\windows\system32\Drivers\mbae64.sys
2016-12-18 20:17 - 2016-12-18 20:25 - 00000000 ____D C:\Users\Bill\AppData\Roaming\HpUpdate
2016-12-18 20:17 - 2016-12-18 20:17 - 00002187 _____ C:\Users\Public\Desktop\HP ENVY 4500 series.lnk
2016-12-18 20:17 - 2016-12-18 20:17 - 00000057 _____ C:\ProgramData\Ament.ini
2016-12-18 20:17 - 2016-12-18 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-12-18 20:17 - 2016-12-18 20:17 - 00000000 ____D C:\ProgramData\HP
2016-12-18 20:17 - 2016-12-18 20:17 - 00000000 ____D C:\Program Files\HP
2016-12-18 20:17 - 2016-12-18 20:17 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-18 20:17 - 2014-07-21 16:31 - 00763912 ____N (Hewlett-Packard Development Company, LP) C:\windows\system32\HPDiscoPMC511.dll
2016-12-18 20:16 - 2016-12-18 20:17 - 00000000 ____D C:\Users\Bill\AppData\Local\HP
2016-12-18 20:15 - 2016-12-18 20:15 - 115414256 _____ C:\Users\Bill\Downloads\EN4500_198.exe
2016-12-18 19:53 - 2016-12-18 19:53 - 00000000 ___SD C:\windows\system32\CompatTel
2016-12-18 19:53 - 2016-12-18 19:53 - 00000000 ____D C:\windows\system32\appraiser
2016-12-18 19:30 - 2015-07-30 08:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNativ e_v0300.dll
2016-12-18 19:30 - 2015-07-30 08:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNativ e_v0300.dll
2016-12-18 17:39 - 2012-07-25 22:08 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll
2016-12-18 17:39 - 2012-07-25 22:08 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2016-12-18 17:39 - 2012-07-25 22:08 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2016-12-18 17:39 - 2012-07-25 22:08 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2016-12-18 17:39 - 2012-07-25 22:08 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll
2016-12-18 17:39 - 2012-07-25 21:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2016-12-18 17:39 - 2012-07-25 21:26 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2016-12-18 17:39 - 2012-06-02 09:57 - 00000003 _____ C:\windows\system32\Drivers\MsftWdf_User_01_11_00_ Inbox_Critical.Wdf
2016-12-18 17:13 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2016-12-18 17:13 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2016-12-18 17:13 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2016-12-18 17:13 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2016-12-18 17:13 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2016-12-18 17:13 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2016-12-18 17:13 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2016-12-18 17:13 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2016-12-18 16:49 - 2016-08-12 11:26 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-12-18 16:49 - 2016-08-12 11:26 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-12-18 16:49 - 2016-08-12 11:26 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-12-18 16:49 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-12-18 16:49 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-12-18 16:49 - 2015-11-13 18:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2016-12-18 16:49 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2016-12-18 16:49 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2016-12-18 16:49 - 2015-11-13 17:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2016-12-18 16:49 - 2015-06-01 19:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2016-12-18 16:49 - 2015-06-01 18:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2016-12-18 16:49 - 2015-04-12 22:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2016-12-18 16:49 - 2015-01-08 22:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2016-12-18 16:49 - 2015-01-08 22:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2016-12-18 16:49 - 2015-01-08 22:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2016-12-18 16:49 - 2015-01-08 21:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2016-12-18 16:48 - 2016-03-16 13:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-12-18 16:48 - 2016-03-16 13:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-12-18 16:48 - 2016-03-16 13:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-12-18 16:48 - 2016-03-06 13:53 - 01885696 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-12-18 16:48 - 2016-03-06 13:53 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-12-18 16:48 - 2016-03-06 13:38 - 01240576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-12-18 16:48 - 2016-03-06 13:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-12-18 16:48 - 2016-02-02 13:57 - 00511488 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-12-18 16:48 - 2015-08-05 12:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2016-12-18 16:47 - 2016-03-17 17:56 - 02084864 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-12-18 16:47 - 2016-03-17 17:28 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-12-18 16:47 - 2015-07-15 13:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2016-12-18 16:46 - 2015-05-25 13:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2016-12-18 16:46 - 2015-05-25 13:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2016-12-18 16:46 - 2015-05-25 13:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2016-12-18 16:46 - 2015-05-25 13:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2016-12-18 16:46 - 2015-05-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2016-12-18 16:46 - 2015-05-25 13:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2016-12-18 16:46 - 2015-05-25 13:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2016-12-18 16:46 - 2015-05-25 13:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2016-12-18 16:46 - 2015-05-25 13:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2016-12-18 16:46 - 2015-05-25 13:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2016-12-18 16:46 - 2015-05-25 13:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2016-12-18 16:46 - 2015-05-25 13:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2016-12-18 16:45 - 2016-06-25 19:27 - 00970240 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2016-12-18 16:45 - 2016-06-25 19:27 - 00344576 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2016-12-18 16:45 - 2016-06-25 19:27 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
2016-12-18 16:45 - 2016-06-25 19:27 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\inetppui.dll
2016-12-18 16:45 - 2016-06-25 14:53 - 00297472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2016-12-18 16:45 - 2016-06-25 14:53 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\ntprint.exe
2016-12-18 16:45 - 2016-06-25 14:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wpnpinst.exe
2016-12-18 16:45 - 2016-06-25 14:41 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.exe
2016-12-18 16:45 - 2016-01-20 19:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-12-18 16:45 - 2015-11-19 09:07 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-12-18 16:45 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-12-18 16:45 - 2014-08-01 06:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2016-12-18 16:45 - 2014-08-01 06:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2016-12-18 16:44 - 2015-07-09 12:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2016-12-18 16:44 - 2015-07-09 12:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2016-12-18 16:44 - 2015-07-09 12:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2016-12-18 16:44 - 2015-07-09 12:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2016-12-18 16:44 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2016-12-18 16:44 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2016-12-18 16:44 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2016-12-18 16:44 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2016-12-18 16:44 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2016-12-18 16:44 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2016-12-18 16:44 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2016-12-18 16:44 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2016-12-18 16:43 - 2015-07-14 22:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2016-12-18 16:43 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2016-12-18 16:43 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2016-12-18 16:43 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2016-12-18 16:42 - 2016-09-12 16:17 - 00077032 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-12-18 16:42 - 2016-09-12 16:08 - 01226752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-12-18 16:42 - 2016-09-09 10:54 - 01629184 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-12-18 16:42 - 2016-09-09 10:54 - 00586752 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-12-18 16:42 - 2016-09-09 10:54 - 00575488 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-12-18 16:42 - 2016-09-09 10:54 - 00314368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-12-18 16:42 - 2016-09-09 10:54 - 00273408 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2016-12-18 16:42 - 2016-09-09 10:54 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-12-18 16:42 - 2016-09-09 10:54 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-12-18 16:42 - 2016-04-09 02:01 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-12-18 16:42 - 2016-04-09 02:01 - 00264936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2016-12-18 16:42 - 2016-04-09 01:57 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2016-12-18 16:42 - 2016-03-23 17:40 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitst
Reply With Quote
  #5  
Old December 25th, 2016, 12:12 AM
bot96 bot96 is offline
Senior Member
 
Join Date: Jun 2012
Posts: 186
poration) C:\windows\SysWOW64\ieapfltr.dll
2016-12-18 16:39 - 2016-09-15 09:56 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2016-12-18 16:39 - 2016-08-22 11:19 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-12-18 16:39 - 2016-05-11 12:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-12-18 16:39 - 2016-05-11 10:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2016-12-18 16:39 - 2015-12-08 16:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-12-18 16:39 - 2015-12-08 14:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-12-18 16:39 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2016-12-18 16:39 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2016-12-18 16:39 - 2015-07-09 12:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2016-12-18 16:38 - 2016-11-21 13:16 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-12-18 16:38 - 2016-11-21 13:16 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-12-18 16:38 - 2016-11-21 13:12 - 01462272 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-12-18 16:38 - 2016-11-21 13:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-12-18 16:38 - 2016-11-20 11:20 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-12-18 16:38 - 2016-11-20 11:20 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-12-18 16:38 - 2016-11-20 11:20 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-12-18 16:38 - 2016-11-20 11:20 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2016-12-18 16:38 - 2016-11-20 11:20 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-12-18 16:38 - 2016-11-20 11:19 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-12-18 16:38 - 2016-11-20 11:04 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-12-18 16:38 - 2016-11-20 10:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-12-18 16:38 - 2016-11-20 10:57 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-12-18 16:38 - 2016-11-20 10:57 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-12-18 16:38 - 2016-11-20 10:57 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-12-18 16:38 - 2016-11-20 10:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-12-18 16:38 - 2016-11-20 10:52 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-12-18 16:38 - 2016-11-20 09:07 - 00467392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-12-18 16:38 - 2016-11-17 11:41 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-12-18 16:38 - 2016-11-12 14:48 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-12-18 16:38 - 2016-11-12 14:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-12-18 16:38 - 2016-11-12 14:25 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-12-18 16:38 - 2016-11-12 14:09 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-12-18 16:38 - 2016-11-12 14:08 - 25759744 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-12-18 16:38 - 2016-11-12 14:07 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-12-18 16:38 - 2016-11-12 14:07 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-12-18 16:38 - 2016-11-12 13:53 - 06049280 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-12-18 16:38 - 2016-11-12 13:52 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-12-18 16:38 - 2016-11-12 13:47 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-12-18 16:38 - 2016-11-12 13:35 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-12-18 16:38 - 2016-11-12 13:34 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-12-18 16:38 - 2016-11-12 13:29 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-12-18 16:38 - 2016-11-12 13:14 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-12-18 16:38 - 2016-11-12 13:08 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-12-18 16:38 - 2016-11-12 12:41 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-12-18 16:38 - 2016-11-12 12:35 - 02920960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-12-18 16:38 - 2016-11-10 11:32 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-12-18 16:38 - 2016-11-10 11:19 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-12-18 16:38 - 2016-11-09 11:41 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-12-18 16:38 - 2016-11-09 11:33 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-12-18 16:38 - 2016-11-09 11:33 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-12-18 16:38 - 2016-11-09 11:33 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-12-18 16:38 - 2016-11-09 11:33 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-12-18 16:38 - 2016-11-09 11:33 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-12-18 16:38 - 2016-11-09 11:33 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-12-18 16:38 - 2016-11-09 11:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-12-18 16:38 - 2016-11-09 11:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-12-18 16:38 - 2016-11-09 11:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-12-18 16:38 - 2016-11-09 11:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-12-18 16:38 - 2016-11-09 11:17 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-12-18 16:38 - 2016-11-09 11:02 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-12-18 16:38 - 2016-11-09 10:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-12-18 16:38 - 2016-11-06 11:33 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-12-18 16:38 - 2016-11-06 11:16 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-12-18 16:38 - 2016-11-06 11:01 - 03219456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-12-18 16:38 - 2016-11-02 10:36 - 00382696 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-12-18 16:38 - 2016-11-02 10:32 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-12-18 16:38 - 2016-11-02 10:32 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-12-18 16:38 - 2016-11-02 10:32 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-12-18 16:38 - 2016-11-02 10:32 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-12-18 16:38 - 2016-11-02 10:22 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-12-18 16:38 - 2016-11-02 10:16 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-12-18 16:38 - 2016-11-02 10:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-12-18 16:38 - 2016-11-02 10:16 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-12-18 16:38 - 2016-11-02 09:53 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-12-18 16:38 - 2016-10-27 10:33 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2016-12-18 16:38 - 2016-10-27 10:20 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2016-12-18 16:38 - 2016-10-15 10:31 - 00976896 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-12-18 16:38 - 2016-10-15 10:31 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\INETRES.dll
2016-12-18 16:38 - 2016-10-15 10:13 - 00741888 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-12-18 16:38 - 2016-10-15 10:13 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\INETRES.dll
2016-12-18 16:38 - 2016-10-11 10:40 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-12-18 16:38 - 2016-10-11 10:37 - 05547752 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-12-18 16:38 - 2016-10-11 10:37 - 00706792 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-12-18 16:38 - 2016-10-11 10:34 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-12-18 16:38 - 2016-10-11 10:32 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-12-18 16:38 - 2016-10-11 10:32 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-12-18 16:38 - 2016-10-11 10:32 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-12-18 16:38 - 2016-10-11 10:32 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-12-18 16:38 - 2016-10-11 10:32 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2016-12-18 16:38 - 2016-10-11 10:32 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-12-18 16:38 - 2016-10-11 10:32 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-12-18 16:38 - 2016-10-11 10:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-12-18 16:38 - 2016-10-11 10:32 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\IMJP10.IME
2016-12-18 16:38 - 2016-10-11 10:31 - 01068544 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2016-12-18 16:38 - 2016-10-11 10:31 - 00457216 _____ (Microsoft Corporation) C:\windows\system32\imkr80.ime
2016-12-18 16:38 - 2016-10-11 10:31 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00246784 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\tintlgnt.ime
2016-12-18 16:38 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\quick.ime
2016-12-18 16:38 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\qintlgnt.ime
2016-12-18 16:38 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\phon.ime
2016-12-18 16:38 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\cintlgnt.ime
2016-12-18 16:38 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\chajei.ime
2016-12-18 16:38 - 2016-10-11 10:31 - 00132608 _____ (Microsoft Corporation) C:\windows\system32\pintlgnt.ime
2016-12-18 16:38 - 2016-10-11 10:31 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:24 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-12-18 16:38 - 2016-10-11 10:24 - 03944680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-12-18 16:38 - 2016-10-11 10:21 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 01027584 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10.IME
2016-12-18 16:38 - 2016-10-11 10:18 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2016-12-18 16:38 - 2016-10-11 10:18 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00430080 _____ (Microsoft Corporation) C:\windows\SysWOW64\imkr80.ime
2016-12-18 16:38 - 2016-10-11 10:18 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00202240 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\tintlgnt.ime
2016-12-18 16:38 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\quick.ime
2016-12-18 16:38 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qintlgnt.ime
2016-12-18 16:38 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\phon.ime
2016-12-18 16:38 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\cintlgnt.ime
2016-12-18 16:38 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\chajei.ime
2016-12-18 16:38 - 2016-10-11 10:18 - 00090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\pintlgnt.ime
2016-12-18 16:38 - 2016-10-11 10:18 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 10:03 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-12-18 16:38 - 2016-10-11 10:03 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-12-18 16:38 - 2016-10-11 10:03 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-12-18 16:38 - 2016-10-11 09:59 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-12-18 16:38 - 2016-10-11 09:59 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-12-18 16:38 - 2016-10-11 09:55 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
2016-12-18 16:38 - 2016-10-11 09:55 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-12-18 16:38 - 2016-10-11 09:51 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-12-18 16:38 - 2016-10-11 09:51 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-12-18 16:38 - 2016-10-11 09:51 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-12-18 16:38 - 2016-10-11 09:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-12-18 16:38 - 2016-10-11 09:50 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 09:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 09:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 09:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-18 16:38 - 2016-10-11 08:33 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2016-12-18 16:38 - 2016-10-11 08:18 - 00419648 _____ C:\windows\SysWOW64\locale.nls
2016-12-18 16:38 - 2016-10-11 08:17 - 00419648 _____ C:\windows\system32\locale.nls
2016-12-18 16:38 - 2016-10-11 08:06 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2016-12-18 16:38 - 2016-10-08 08:06 - 00633296 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-12-18 16:38 - 2016-10-07 10:32 - 03649536 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2016-12-18 16:38 - 2016-10-07 10:32 - 00877056 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2016-12-18 16:38 - 2016-10-07 10:32 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-12-18 16:38 - 2016-10-07 10:12 - 02291712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2016-12-18 16:38 - 2016-10-07 10:12 - 00581632 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2016-12-18 16:38 - 2016-10-07 10:12 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-12-18 16:38 - 2016-10-05 09:54 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2016-12-18 16:38 - 2016-10-04 10:31 - 01483264 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2016-12-18 16:38 - 2016-10-04 10:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2016-12-18 16:38 - 2016-10-04 10:31 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2016-12-18 16:38 - 2016-10-04 10:31 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2016-12-18 16:38 - 2016-10-04 10:13 - 01176064 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2016-12-18 16:38 - 2016-10-04 10:13 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2016-12-18 16:38 - 2016-10-04 10:13 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2016-12-18 16:38 - 2016-10-04 10:13 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2016-12-18 16:38 - 2016-09-12 16:08 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\adsmsext.dll
2016-12-18 16:38 - 2016-09-12 15:49 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsmsext.dll
2016-12-18 16:38 - 2016-09-12 14:08 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2016-12-18 16:38 - 2016-09-12 13:43 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2016-12-18 16:38 - 2016-09-12 13:43 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2016-12-18 16:38 - 2016-09-09 13:20 - 00756736 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2016-12-18 16:38 - 2016-09-09 13:00 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll
2016-12-18 16:38 - 2016-09-08 15:34 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2016-12-18 16:38 - 2016-09-08 15:34 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2016-12-18 16:38 - 2016-09-08 15:34 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2016-12-18 16:38 - 2016-09-08 15:34 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2016-12-18 16:38 - 2016-09-08 09:55 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2016-12-18 16:38 - 2016-09-08 09:55 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2016-12-18 16:38 - 2016-08-12 12:02 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-12-18 16:38 - 2016-08-12 12:02 - 12574720 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2016-12-18 16:38 - 2016-08-12 12:02 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-12-18 16:38 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-12-18 16:38 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-12-18 16:38 - 2016-08-12 11:47 - 12574208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2016-12-18 16:38 - 2016-08-12 11:47 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-12-18 16:38 - 2016-08-12 11:31 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2016-12-18 16:38 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2016-12-18 16:38 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2016-12-18 16:38 - 2016-08-12 11:26 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2016-12-18 16:38 - 2016-08-06 10:31 - 02023424 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2016-12-18 16:38 - 2016-08-06 10:31 - 00347136 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2016-12-18 16:38 - 2016-08-06 10:31 - 00310784 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2016-12-18 16:38 - 2016-08-06 10:31 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2016-12-18 16:38 - 2016-08-06 10:31 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\WsmRes.dll
2016-12-18 16:38 - 2016-08-06 10:31 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\wsmplpxy.dll
2016-12-18 16:38 - 2016-08-06 10:15 - 01178112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2016-12-18 16:38 - 2016-08-06 10:15 - 00249344 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2016-12-18 16:38 - 2016-08-06 10:15 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2016-12-18 16:38 - 2016-08-06 10:15 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2016-12-18 16:38 - 2016-08-06 10:15 - 00054272 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmRes.dll
2016-12-18 16:38 - 2016-08-06 10:01 - 00266752 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2016-12-18 16:38 - 2016-08-06 10:01 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\wsmprovhost.exe
2016-12-18 16:38 - 2016-08-06 09:53 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2016-12-18 16:38 - 2016-08-06 09:53 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsmprovhost.exe
2016-12-18 16:38 - 2016-08-06 09:53 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsmplpxy.dll
2016-12-18 16:38 - 2016-06-14 12:21 - 00094440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2016-12-18 16:38 - 2016-06-14 12:16 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 01573888 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 01068544 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00680448 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00499712 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00440320 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00433152 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00081920 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2016-12-18 16:38 - 2016-06-14 12:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-12-18 16:38 - 2016-06-14 12:11 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2016-12-18 16:38 - 2016-06-14 10:21 - 03209216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00195072 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2016-12-18 16:38 - 2016-06-14 10:21 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-12-18 16:38 - 2016-06-14 10:15 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2016-12-18 16:38 - 2016-06-14 10:15 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-12-18 16:38 - 2016-06-14 10:15 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-12-18 16:38 - 2016-06-14 10:05 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-12-18 16:38 - 2016-06-14 10:05 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-12-18 16:38 - 2016-06-14 10:00 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2016-12-18 16:38 - 2016-06-14 10:00 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2016-12-18 16:38 - 2016-05-12 08:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-12-18 16:38 - 2016-05-12 08:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-12-18 16:38 - 2016-03-23 17:43 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2016-12-18 16:38 - 2016-03-23 17:40 - 00546656 _____ (Microsoft Corporation) C:\windows\system32\winre
Reply With Quote
  #6  
Old December 25th, 2016, 12:13 AM
bot96 bot96 is offline
Senior Member
 
Join Date: Jun 2012
Posts: 186
2016-12-18 16:37 - 2016-04-14 08:49 - 00603648 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-12-18 16:37 - 2016-04-14 08:21 - 00647680 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-12-18 16:37 - 2015-12-08 16:54 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2016-12-18 16:37 - 2015-12-08 16:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-12-18 16:37 - 2015-12-08 16:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-12-18 16:37 - 2015-12-08 16:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-12-18 16:37 - 2015-12-08 16:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-12-18 16:37 - 2015-12-08 16:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-12-18 16:37 - 2015-12-08 16:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2016-12-18 16:37 - 2015-12-08 16:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-12-18 16:37 - 2015-12-08 16:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-12-18 16:37 - 2015-12-08 16:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-12-18 16:37 - 2015-12-08 16:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-12-18 16:37 - 2015-12-08 16:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-12-18 16:37 - 2015-12-08 16:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-12-18 16:37 - 2015-12-08 16:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2016-12-18 16:37 - 2015-12-08 16:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-12-18 16:37 - 2015-12-08 16:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-12-18 16:37 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-12-18 16:37 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-12-18 16:37 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-12-18 16:37 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2016-12-18 16:37 - 2015-12-08 16:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-12-18 16:37 - 2015-12-08 16:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-12-18 16:37 - 2015-12-08 16:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-12-18 16:37 - 2015-12-08 16:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-12-18 16:37 - 2015-12-08 16:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-12-18 16:37 - 2015-12-08 16:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2016-12-18 16:37 - 2015-12-08 14:07 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-12-18 16:37 - 2015-12-08 14:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 01393152 _____ (Microsoft Corporation) C:\windows\system32\WMALFXGFXDSP.dll
2016-12-18 16:37 - 2015-12-08 14:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-12-18 16:37 - 2015-12-08 14:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-12-18 16:37 - 2015-12-08 14:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-12-18 16:37 - 2015-12-08 14:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-12-18 16:37 - 2015-12-08 14:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-12-18 16:37 - 2015-12-08 14:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-12-18 16:37 - 2015-12-08 14:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-12-18 16:37 - 2015-12-08 14:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-12-18 16:37 - 2015-12-08 14:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-12-18 16:37 - 2015-12-08 14:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-12-18 16:37 - 2015-12-08 13:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-12-18 16:37 - 2015-12-08 13:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-12-18 16:37 - 2015-12-08 13:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-12-18 16:37 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2016-12-18 16:37 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2016-12-18 16:36 - 2016-08-29 10:31 - 14183424 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-12-18 16:36 - 2016-08-29 10:31 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-12-18 16:36 - 2016-08-29 10:12 - 12880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-12-18 16:36 - 2016-08-29 10:12 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-12-18 16:36 - 2016-08-29 10:04 - 03229696 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-12-18 16:36 - 2016-08-29 09:55 - 02972672 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-12-18 16:36 - 2016-05-11 12:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-12-18 16:36 - 2016-05-11 12:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-12-18 16:36 - 2016-05-11 12:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-12-18 16:36 - 2016-05-11 10:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2016-12-18 16:36 - 2016-05-11 10:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2016-12-18 16:36 - 2016-05-11 10:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2016-12-18 16:36 - 2016-05-11 10:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2016-12-18 16:36 - 2016-05-11 10:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2016-12-18 16:36 - 2016-05-11 09:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-12-18 16:36 - 2016-02-09 04:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2016-12-18 16:36 - 2016-01-22 01:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-12-18 16:36 - 2016-01-22 01:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-12-18 16:36 - 2016-01-22 01:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-12-18 16:36 - 2016-01-22 01:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-12-18 16:36 - 2015-08-27 13:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2016-12-18 16:36 - 2015-08-27 13:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2016-12-18 16:36 - 2015-08-27 12:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2016-12-18 16:36 - 2015-08-27 12:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2016-12-18 16:36 - 2015-04-10 22:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2016-12-18 16:36 - 2015-02-24 22:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2016-12-18 16:36 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2016-12-18 16:36 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2016-12-18 16:36 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2016-12-18 16:36 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2016-12-18 16:36 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2016-12-18 16:36 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-12-18 16:36 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2016-12-18 16:36 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2016-12-18 16:36 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2016-12-18 16:35 - 2016-05-12 12:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2016-12-18 16:35 - 2016-05-12 12:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-12-18 16:35 - 2016-05-12 12:14 - 00793088 _____ (Microsoft Corporation) C:\windows\system32\gpprefcl.dll
2016-12-18 16:35 - 2016-05-12 12:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-12-18 16:35 - 2016-05-12 12:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-12-18 16:35 - 2016-05-12 12:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-12-18 16:35 - 2016-05-12 12:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-12-18 16:35 - 2016-05-12 12:14 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\gpscript.dll
2016-12-18 16:35 - 2016-05-12 10:18 - 00591872 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpprefcl.dll
2016-12-18 16:35 - 2016-05-12 10:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2016-12-18 16:35 - 2016-05-12 10:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2016-12-18 16:35 - 2016-05-12 10:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2016-12-18 16:35 - 2016-05-12 10:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2016-12-18 16:35 - 2016-05-12 10:06 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\gpscript.exe
2016-12-18 16:35 - 2016-05-12 09:57 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.dll
2016-12-18 16:35 - 2016-05-12 09:57 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.exe
2016-12-18 16:35 - 2015-10-12 23:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2016-12-18 16:34 - 2016-03-09 14:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2016-12-18 16:34 - 2016-03-09 13:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2016-12-18 16:34 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2016-12-18 16:34 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2016-12-18 16:34 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2016-12-18 16:34 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2016-12-18 16:34 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2016-12-18 16:34 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2016-12-18 16:34 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2016-12-18 16:33 - 2016-03-09 13:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-12-18 16:33 - 2016-03-09 13:34 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2016-12-18 16:33 - 2015-11-03 14:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2016-12-18 16:33 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2016-12-18 16:33 - 2015-03-03 23:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2016-12-18 16:33 - 2015-03-03 23:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2016-12-18 16:33 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2016-12-18 16:33 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2016-12-18 16:32 - 2016-04-08 23:20 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-12-18 16:32 - 2016-04-08 22:52 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-12-18 16:32 - 2015-02-03 22:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2016-12-18 16:32 - 2015-02-03 21:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2016-12-18 16:06 - 2016-07-22 09:58 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2016-12-18 16:06 - 2016-07-22 09:51 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2016-12-18 15:59 - 2012-02-17 01:38 - 01031680 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2016-12-18 15:59 - 2012-02-17 00:34 - 00826880 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2016-12-18 15:59 - 2012-02-16 23:57 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdtcp.sys
2016-12-18 15:34 - 2016-12-18 15:34 - 00000000 ____D C:\Users\Bill\AppData\Local\ElevatedDiagnostics
2016-12-18 15:15 - 2016-12-18 15:15 - 00002067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Toshiba Book Place.lnk
2016-12-18 15:15 - 2016-12-18 15:15 - 00000000 ____D C:\Users\Public\Book Place
2016-12-18 15:14 - 2016-12-18 15:14 - 00000000 ____D C:\Users\Bill\AppData\Roaming\Macromedia
2016-12-18 15:14 - 2016-12-18 15:14 - 00000000 ____D C:\Users\Bill\AppData\Local\Macromedia
2016-12-18 15:13 - 2016-12-18 15:13 - 00000000 ____D C:\Users\Public\Symantec
2016-12-18 15:13 - 2016-12-18 15:13 - 00000000 ____D C:\Program Files (x86)\SymSilent
2016-12-18 15:09 - 2016-12-18 15:09 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-12-18 15:09 - 2016-12-18 14:18 - 00000000 ____D C:\ProgramData\Norton
2016-12-18 15:07 - 2016-12-18 15:08 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-12-18 15:07 - 2016-12-18 15:07 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2016-12-18 15:07 - 2010-02-04 13:01 - 00528216 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_6.dll
2016-12-18 15:07 - 2010-02-04 13:01 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_6.dll
2016-12-18 15:07 - 2010-02-04 13:01 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_4.dll
2016-12-18 15:07 - 2010-02-04 13:01 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_7.dll
2016-12-18 15:07 - 2009-03-09 18:27 - 04178264 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_41.dll
2016-12-18 15:07 - 2007-04-04 21:53 - 00081768 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_3.dll
2016-12-18 15:07 - 2007-03-12 19:42 - 03495784 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_33.dll
2016-12-18 15:06 - 2016-12-18 15:08 - 00000000 ____D C:\ProgramData\WildTangent
2016-12-18 15:06 - 2016-12-18 15:08 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-12-18 15:04 - 2009-07-30 23:22 - 00027784 _____ (TOSHIBA Corporation.) C:\windows\system32\Drivers\tdcmdpst.sys
2016-12-18 15:03 - 2016-12-18 15:03 - 00000000 ____D C:\Users\Public\TOSHIBA
2016-12-18 15:00 - 2016-12-18 15:13 - 00000000 ____D C:\ProgramData\Toshiba
2016-12-18 15:00 - 2016-12-18 15:00 - 00020592 _____ (Compal Electronics, INC.) C:\windows\system32\Drivers\CeKbFilter.sys
2016-12-18 15:00 - 2016-12-18 15:00 - 00000000 ____D C:\TOSHIBA
2016-12-18 14:59 - 2016-12-18 14:59 - 00000000 ____D C:\Program Files\Elantech
2016-12-18 14:59 - 2014-02-06 12:51 - 00024904 _____ (ELAN Microelectronic Corp.) C:\windows\system32\Drivers\ETDSMBus.sys
2016-12-18 14:57 - 2009-06-19 00:42 - 00040832 _____ (TOSHIBA CORPORATION.) C:\windows\system32\Drivers\TosBtCi.dll
2016-12-18 14:56 - 2016-12-18 15:17 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2016-12-18 14:56 - 2016-12-18 15:02 - 00000000 ____D C:\ProgramData\win7_64
2016-12-18 14:56 - 2016-12-18 15:02 - 00000000 ____D C:\ProgramData\win7_32
2016-12-18 14:56 - 2016-12-18 14:56 - 00000000 ____D C:\windows\system32\Microsoft.VC80.MFC
2016-12-18 14:56 - 2016-12-18 14:56 - 00000000 ____D C:\ProgramData\win8_64
2016-12-18 14:56 - 2016-12-18 14:56 - 00000000 ____D C:\ProgramData\win8_32
2016-12-18 14:56 - 2011-12-20 14:13 - 00301568 _____ (COMPAL ELECTRONIC INC.) C:\windows\system32\HWS_Ctrl.dll
2016-12-18 14:56 - 2010-03-04 19:44 - 00008192 _____ (COMPAL ELECTRONIC INC.) C:\windows\system32\TSBWLS.dll
2016-12-18 14:55 - 2016-12-18 15:20 - 00000000 ____D C:\Users\Bill\AppData\Local\Intuit
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\SysWOW64\sda
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\tr
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\sv
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\sk
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\ru
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\pl
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\no
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\nl
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\it
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\hu
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\fr
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\fi
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\es
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\el
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\de
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\da
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\system32\cs
2016-12-18 14:55 - 2016-12-18 14:55 - 00000000 ____D C:\windows\Downloaded Installations
2016-12-18 14:55 - 2013-11-22 18:51 - 00291032 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RtsP2Stor.sys
2016-12-18 14:55 - 2013-04-25 21:12 - 09889352 _____ (Realtek Semiconductor Corp.) C:\windows\SysWOW64\RtsP2StorIcon.dll
2016-12-18 14:52 - 2016-12-18 14:52 - 00000000 ____D C:\Program Files (x86)\TOH Class Filter
2016-12-18 14:51 - 2016-12-18 14:51 - 00000000 ____D C:\windows\Options
2016-12-18 14:51 - 2016-12-18 14:51 - 00000000 ____D C:\ProgramData\Qualcomm Atheros
2016-12-18 14:51 - 2016-12-18 14:51 - 00000000 ____D C:\Program Files (x86)\Atheros
2016-12-18 14:51 - 2014-02-21 03:49 - 04044800 _____ (Qualcomm Atheros Communications, Inc.) C:\windows\system32\Drivers\athrx.sys
2016-12-18 14:49 - 2016-12-18 14:49 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_iusb3hcs_0 1009.Wdf
2016-12-18 14:49 - 2014-01-27 18:32 - 00888536 _____ (Realtek ) C:\windows\system32\Drivers\Rt64win7.sys
2016-12-18 14:49 - 2014-01-27 18:32 - 00107552 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RTNUninst64.dll
2016-12-18 14:49 - 2014-01-27 18:32 - 00073800 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2016-12-18 14:48 - 2013-09-17 10:47 - 00041984 _____ (Intel Corporation) C:\windows\system32\Drivers\USB3Ver.dll
2016-12-18 14:46 - 2016-12-18 14:46 - 00003130 _____ C:\windows\System32\Tasks\RTKCPL
2016-12-18 14:46 - 2016-12-18 14:46 - 00000013 __RSH C:\windows\system32\Drivers\fbd.sys
2016-12-18 14:46 - 2016-12-18 14:46 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-12-18 14:46 - 2016-12-18 14:46 - 00000000 ____D C:\windows\SysWOW64\RTCOM
2016-12-18 14:46 - 2016-12-18 14:46 - 00000000 ____D C:\Program Files\Realtek
2016-12-18 14:45 - 2016-12-18 14:55 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-18 14:45 - 2016-12-18 14:46 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-12-18 14:45 - 2014-03-12 00:50 - 00853784 _____ C:\windows\system32\Drivers\RTAIODAT.DAT
2016-12-18 14:45 - 2014-03-12 00:00 - 03891800 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2016-12-18 14:45 - 2014-03-11 20:37 - 57362432 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoRes64.dat
2016-12-18 14:45 - 2014-03-11 13:06 - 01738032 _____ C:\windows\system32\SStudio.dll
2016-12-18 14:45 - 2014-03-10 20:09 - 00947928 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2016-12-18 14:45 - 2014-03-07 13:57 - 02794200 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkAPO64.dll
2016-12-18 14:45 - 2014-03-06 19:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2016-12-18 14:45 - 2014-03-05 08:11 - 01048824 _____ (SRS Labs, Inc.) C:\windows\system32\slcnt64.dll
2016-12-18 14:45 - 2014-03-05 08:11 - 00889592 _____ (DTS, Inc.) C:\windows\system32\sl3apo64.dll
2016-12-18 14:45 - 2014-03-05 08:11 - 00724728 _____ (DTS, Inc.) C:\windows\system32\sltech64.dll
2016-12-18 14:45 - 2014-03-05 08:11 - 00246008 _____ (TODO: <Company name>) C:\windows\system32\slprp64.dll
2016-12-18 14:45 - 2014-03-04 23:27 - 02831576 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2016-12-18 14:45 - 2014-03-04 20:19 - 00627928 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2016-12-18 14:45 - 2014-03-03 23:21 - 01019608 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2016-12-18 14:45 - 2014-02-27 23:02 - 02162992 _____ (Yamaha Corporation) C:\windows\system32\YamahaAE.dll
2016-12-18 14:45 - 2014-02-26 18:16 - 02080472 _____ (Realtek Semiconductor Corp.) C:\windows\RtlExUpd.dll
2016-12-18 14:45 - 2014-02-26 11:48 - 00942384 _____ (Nahimic Inc) C:\windows\system32\NAHIMICAPOSettingsIPC.dll
2016-12-18 14:45 - 2014-02-26 11:47 - 05751048 _____ (Nahimic Inc) C:\windows\system32\NAHIMICAPOlfx.dll
2016-12-18 14:45 - 2014-02-18 21:12 - 01042520 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPOShell64.dll
2016-12-18 14:45 - 2014-02-18 21:12 - 00882776 _____ (Waves Audio Ltd.) C:\windows\SysWOW64\MaxxAudioAPOShell.dll
2016-12-18 14:45 - 2014-02-18 20:04 - 02770976 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2016-12-18 14:45 - 2014-02-18 17:48 - 02396760 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO6064.dll
2016-12-18 14:45 - 2014-02-18 17:48 - 01424984 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO4064.dll
2016-12-18 14:45 - 2014-02-18 17:48 - 01423960 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO5064.dll
2016-12-18 14:45 - 2014-02-16 23:30 - 28314200 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioVnA64.dll
2016-12-18 14:45 - 2014-02-16 23:30 - 14742104 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek64.dll
2016-12-18 14:45 - 2014-02-16 23:30 - 12816472 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVoiceAPO3064.dll
2016-12-18 14:45 - 2014-02-16 23:30 - 03927640 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioVnN64.dll
2016-12-18 14:45 - 2014-02-16 23:30 - 02101848 _____ (Waves Audio Ltd.) C:\windows\system32\WavesGUILib64.dll
2016-12-18 14:45 - 2014-02-16 23:30 - 02040920 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioEQ64.dll
2016-12-18 14:45 - 2014-02-16 23:30 - 01933400 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek264.dll
2016-12-18 14:45 - 2014-02-06 14:28 - 05804772 _____ C:\windows\system32\Drivers\rtvienna.dat
2016-12-18 14:45 - 2014-01-31 20:28 - 00938608 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVoiceAPO2064.dll
2016-12-18 14:45 - 2014-01-31 20:27 - 01313904 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxSpeechAPO64.dll
2016-12-18 14:45 - 2014-01-28 14:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2016-12-18 14:45 - 2013-10-16 06:43 - 00209096 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2016-12-18 14:45 - 2013-10-11 15:47 - 00113576 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2016-12-18 14:45 - 2013-10-11 14:31 - 00947760 _____ (Sony Corporation) C:\windows\system32\SFSS_APO.dll
2016-12-18 14:45 - 2013-10-07 03:26 - 00501184 _____ (DTS) C:\windows\system32\DTSU2PLFX64.dll
2016-12-18 14:45 - 2013-10-07 03:26 - 00487360 _____ (DTS) C:\windows\system32\DTSU2PGFX64.dll
2016-12-18 14:45 - 2013-10-07 03:26 - 00415680 _____ (DTS) C:\windows\system32\DTSU2PREC64.dll
2016-12-18 14:45 - 2013-09-10 07:02 - 06217904 _____ (Dolby Laboratories) C:\windows\system32\DDPP64A.dll
2016-12-18 14:45 - 2013-09-10 07:02 - 00313520 _____ (Dolby Laboratories) C:\windows\system32\DDPO64A.dll
2016-12-18 14:45 - 2013-09-10 07:01 - 01938608 _____ (Dolby Laboratories) C:\windows\system32\DDPD64A.dll
2016-12-18 14:45 - 2013-09-10 07:01 - 00260272 _____ (Dolby Laboratories) C:\windows\system32\DDPA64.dll
2016-12-18 14:45 - 2013-08-20 20:37 - 00605496 _____ C:\windows\system32\audioLibVc.dll
2016-12-18 14:45 - 2013-08-14 18:36 - 00662784 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVolumeSDAPO.dll
2016-12-18 14:45 - 2013-08-14 18:35 - 00663296 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO30.dll
2016-12-18 14:45 - 2013-06-25 15:47 - 00871856 _____ (TOSHIBA Corporation) C:\windows\system32\tossaeapo64.dll
2016-12-18 14:45 - 2013-06-25 15:47 - 00162224 _____ (TOSHIBA Corporation) C:\windows\system32\toseaeapo64.dll
2016-12-18 14:45 - 2013-06-25 15:46 - 00582056 _____ (TOSHIBA Corporation) C:\windows\system32\tosasfapo64.dll
2016-12-18 14:45 - 2013-06-21 14:01 - 00109848 _____ C:\windows\system32\AcpiServiceVnA64.dll
2016-12-18 14:45 - 2013-04-03 17:13 - 00906800 _____ (Sony Corporation) C:\windows\system32\MISS_APO.dll
2016-12-18 14:45 - 2012-08-31 22:18 - 07164176 _____ (Dolby Laboratories) C:\windows\system32\R4EEP64A.dll
2016-12-18 14:45 - 2012-08-31 22:17 - 00434960 _____ (Dolby Laboratories) C:\windows\system32\R4EED64A.dll
2016-12-18 14:45 - 2012-08-31 22:17 - 00141584 _____ (Dolby Laboratories) C:\windows\system32\R4EEL64A.dll
2016-12-18 14:45 - 2012-08-31 22:17 - 00124176 _____ (Dolby Laboratories) C:\windows\system32\R4EEA64A.dll
2016-12-18 14:45 - 2012-08-31 22:17 - 00075024 _____ (Dolby Laboratories) C:\windows\system32\R4EEG64A.dll
2016-12-18 14:45 - 2012-03-08 14:47 - 00108640 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll
2016-12-18 14:45 - 2012-01-30 14:43 - 00836544 _____ (TOSHIBA Corporation) C:\windows\system32\tadefxapo264.dll
2016-12-18 14:45 - 2012-01-10 13:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\windows\system32\tepeqapo64.dll
2016-12-18 14:45 - 2011-12-20 18:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtlCPAPI64.dll
2016-12-18 14:45 - 2011-11-22 19:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCoLDR64.dll
2016-12-18 14:45 - 2011-09-02 17:21 - 00221024 _____ (Synopsys, Inc.) C:\windows\system32\SFNHK64.dll
2016-12-18 14:45 - 2011-09-02 17:21 - 00081248 _____ (Synopsys, Inc.) C:\windows\system32\SFCOM64.dll
2016-12-18 14:45 - 2011-09-02 17:21 - 00078688 _____ (Synopsys, Inc.) C:\windows\system32\SFAPO64.dll
2016-12-18 14:45 - 2011-08-23 20:00 - 00603984 _____ (Knowles Acoustics ) C:\windows\system32\KAAPORT64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 01756264 _____ (DTS) C:\windows\system32\DTSS2SpeakerDLL64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 01568360 _____ (DTS) C:\windows\system32\DTSS2HeadphoneDLL64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 01486952 _____ (DTS) C:\windows\system32\DTSBoostDLL64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 00728680 _____ (DTS) C:\windows\system32\DTSBassEnhancementDLL64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 00712296 _____ (DTS) C:\windows\system32\DTSSymmetryDLL64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 00693352 _____ (DTS) C:\windows\system32\DTSVoiceClarityDLL64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 00491112 _____ (DTS) C:\windows\system32\DTSNeoPCDLL64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 00432744 _____ (DTS) C:\windows\system32\DTSLimiterDLL64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 00428648 _____ (DTS) C:\windows\system32\DTSGainCompensatorDLL64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 00242792 _____ (DTS) C:\windows\system32\DTSLFXAPO64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 00242792 _____ (DTS) C:\windows\system32\DTSGFXAPO64.dll
2016-12-18 14:45 - 2011-05-31 12:42 - 00241768 _____ (DTS) C:\windows\system32\DTSGFXAPONS64.dll
2016-12-18 14:45 - 2011-03-17 15:17 - 01361336 _____ (TOSHIBA Corporation) C:\windows\system32\tosade.dll
2016-12-18 14:45 - 2011-03-07 20:11 - 00148416 _____ (TOSHIBA Corporation) C:\windows\system32\tadefxapo.dll
2016-12-18 14:45 - 2010-11-08 10:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEP64A.dll
2016-12-18 14:45 - 2010-11-08 10:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DHT64.dll
2016-12-18 14:45 - 2010-11-08 10:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DAA64.dll
2016-12-18 14:45 - 2010-11-08 10:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEED64A.dll
2016-12-18 14:45 - 2010-11-08 10:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEL64A.dll
2016-12-18 14:45 - 2010-11-08 10:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEG64A.dll
2016-12-18 14:45 - 2010-11-03 21:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCfg64.dll
2016-12-18 14:45 - 2010-09-27 12:34 - 00318808 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO20.dll
2016-12-18 14:45 - 2010-07-22 19:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\windows\SysWOW64\SFCOM.dll
2016-12-18 14:45 - 2009-11-24 12:55 - 00518896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSX64.dll
2016-12-18 14:45 - 2009-11-24 12:55 - 00211184 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSH64.dll
2016-12-18 14:45 - 2009-11-24 12:55 - 00198896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSHP64.dll
2016-12-18 14:45 - 2009-11-24 12:55 - 00155888 _____ (SRS Labs, Inc.) C:\windows\system32\SRSWOW64.dll
2016-12-18 14:44 - 2016-12-18 14:44 - 00015812 _____ C:\windows\system32\results.xml
2016-12-18 14:42 - 2016-12-18 14:42 - 00000000 ____D C:\windows\Intuit
2016-12-18 14:42 - 2013-10-07 17:52 - 00064000 _____ (Khronos Group) C:\windows\system32\OpenCL.DLL
2016-12-18 14:42 - 2013-10-07 17:52 - 00060416 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.DLL
2016-12-18 14:41 - 2012-01-05 12:43 - 04218880 _____ (Amyuni Technologies hxxp://www.amyuni.com) C:\windows\SysWOW64\cdintf400.dll
2016-12-18 14:38 - 2016-12-18 14:38 - 00002122 _____ C:\Users\Public\Desktop\QuickBooks Pro 2014.lnk
2016-12-18 14:38 - 2016-12-18 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
2016-12-18 14:36 - 2016-12-18 14:42 - 00000000 ____D C:\Program Files\Intel
2016-12-18 14:36 - 2016-12-18 14:38 - 00000000 ____D C:\ProgramData\Intel
2016-12-18 14:36 - 2013-12-10 10:27 - 00016344 _____ (Intel Corporation) C:\windows\system32\Drivers\IntelMEFWVer.dll
2016-12-18 14:35 - 2016-12-18 14:41 - 00000000 ____D C:\Intel
2016-12-18 14:35 - 2016-12-18 14:35 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_TeeDriverx 64_01011.Wdf
2016-12-18 14:33 - 2016-12-18 15:20 - 00000000 ____D C:\ProgramData\Intuit
2016-12-18 14:33 - 2016-12-18 14:48 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-18 14:33 - 2016-12-18 14:33 - 00000000 ____D C:\Users\Public\Documents\Intuit
2016-12-18 14:33 - 2016-12-18 14:33 - 00000000 ____D C:\ProgramData\Nuance
2016-12-18 14:33 - 2013-08-21 18:16 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\windows\SysWOW64\CSVer.dll
2016-12-18 14:31 - 2016-12-18 14:56 - 00000000 ____D C:\ProgramData\SQL Anywhere 11
2016-12-18 14:31 - 2016-12-18 14:39 - 00000095 _____ C:\windows\QBChanUtil_Trigger.ini
2016-12-18 14:30 - 2016-12-18 14:33 - 00000000 ____D C:\Program Files (x86)\Intuit
2016-12-18 14:21 - 2016-12-18 14:21 - 00000000 ____D C:\Program Files (x86)\Akamai
2016-12-18 14:20 - 2016-12-18 14:20 - 00001266 _____ C:\Users\Bill\Desktop\Windows Update.lnk
2016-12-18 14:20 - 2016-12-18 14:20 - 00001252 _____ C:\Users\Bill\Desktop\Disk Cleanup.lnk
2016-12-18 14:15 - 2016-12-18 14:15 - 00001045 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2016-12-18 14:15 - 2016-12-18 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-12-18 14:15 - 2016-12-18 14:15 - 00000000 ____D C:\Program Files\VS Revo Group
2016-12-18 14:14 - 2016-12-18 14:14 - 00001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2016-12-18 14:14 - 2016-12-18 14:14 - 00000000 ____D C:\Program Files (x86)\Secunia
2016-12-18 14:12 - 2016-12-22 18:36 - 00000000 ____D C:\Users\Bill\AppData\Local\Adobe
2016-12-18 14:11 - 2016-12-18 14:11 - 00002786 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2016-12-18 14:11 - 2016-12-18 14:11 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-18 14:11 - 2016-12-18 14:11 - 00000000 ____D C:\Program Files\CCleaner
2016-12-18 14:09 - 2016-12-24 15:30 - 00000000 ____D C:\AdwCleaner
2016-12-18 14:01 - 2016-12-18 14:01 - 00000000 ____D C:\Users\Bill\AppData\Local\CEF
2016-12-18 13:59 - 2016-12-18 13:59 - 00001933 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-12-18 13:59 - 2016-12-18 13:59 - 00000000 ____D C:\Users\Bill\AppData\Roaming\AVAST Software
2016-12-18 13:59 - 2016-12-18 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-12-18 13:58 - 2016-12-20 20:10 - 00004180 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-12-18 13:58 - 2016-12-18 13:58 - 00513632 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2016-12-18 13:58 - 2016-12-18 13:58 - 00293352 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys
2016-12-18 13:58 - 2016-12-18 13:58 - 00000000 ____D C:\windows\System32\Tasks\AVAST Software
2016-12-18 13:58 - 2016-12-18 13:58 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-18 13:58 - 2016-12-18 13:57 - 00163416 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2016-12-18 13:58 - 2016-12-18 13:57 - 00108816 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2016-12-18 13:58 - 2016-12-18 13:57 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2016-12-18 13:57 - 2016-12-18 13:58 - 00969184 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2016-12-18 13:57 - 2016-12-18 13:57 - 00391496 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2016-12-18 13:57 - 2016-12-18 13:57 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2016-12-18 13:57 - 2016-12-18 13:57 - 00053208 _____ (AVAST Software) C:\windows\avastSS.scr
2016-12-18 13:57 - 2016-12-18 13:57 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2016-12-18 13:56 - 2016-12-18 13:56 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-18 13:55 - 2016-12-18 13:55 - 04002104 _____ (Secunia) C:\Users\Bill\Downloads\PSISetup.exe
2016-12-18 13:55 - 2016-12-18 13:55 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-18 13:52 - 2016-12-18 13:52 - 06334848 _____ (AVAST Software) C:\Users\Bill\Downloads\avast_free_antivirus_setup .exe
2016-12-18 13:51 - 2016-12-18 13:51 - 01663040 _____ (Malwarebytes) C:\Users\Bill\Downloads\JRT.exe
2016-12-18 13:50 - 2016-12-18 13:50 - 07097928 _____ (VS Revo Group ) C:\Users\Bill\Downloads\revosetup.exe
2016-12-18 13:49 - 2016-12-18 13:49 - 51969976 _____ (Malwarebytes ) C:\Users\Bill\Downloads\mb3-setup-consumer-3.0.4.1269.exe
2016-12-18 13:49 - 2016-12-18 13:49 - 03977168 _____ C:\Users\Bill\Downloads\adwcleaner.exe
2016-12-18 13:47 - 2016-12-18 13:47 - 08803648 _____ (Piriform Ltd) C:\Users\Bill\Downloads\ccsetup525.exe
2016-12-18 13:45 - 2016-12-18 13:45 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdFs_01_09_ 00.Wdf
2016-12-18 13:42 - 2016-12-24 18:00 - 00000000 ____D C:\Users\Bill\AppData\LocalLow\Mozilla
2016-12-18 13:42 - 2016-12-18 13:49 - 00000000 ____D C:\Users\Bill\AppData\Local\Mozilla
2016-12-18 13:42 - 2016-12-18 13:42 - 00001158 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-18 13:42 - 2016-12-18 13:42 - 00000000 ____D C:\Users\Bill\AppData\Roaming\Mozilla
2016-12-18 13:42 - 2016-12-18 13:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-18 13:42 - 2016-12-18 13:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-18 13:40 - 2016-12-18 13:40 - 00243552 _____ C:\Users\Bill\Downloads\Firefox Setup Stub 50.1.0.exe
2016-12-18 13:36 - 2016-12-18 21:32 - 00062816 _____ C:\Users\Bill\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-18 13:35 - 2016-12-22 18:36 - 00000000 ____D C:\Users\Bill\AppData\Roaming\Adobe
2016-12-18 13:35 - 2016-12-18 13:35 - 00001424 _____ C:\Users\Bill\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Internet Explorer.lnk
2016-12-18 13:35 - 2016-12-18 13:35 - 00000000 ____D C:\Users\Bill\AppData\Local\TOSHIBA
2016-12-18 13:34 - 2016-12-18 13:34 - 00000000 ____D C:\Users\Bill\AppData\Local\VirtualStore
2016-12-18 13:33 - 2016-12-18 13:34 - 00000000 ____D C:\Users\Bill
2016-12-18 13:33 - 2016-12-18 13:33 - 00000020 ___SH C:\Users\Bill\ntuser.ini
2016-12-18 13:33 - 2016-12-18 13:33 - 00000000 _SHDL C:\Users\Bill\My Documents
2016-12-18 13:33 - 2016-12-18 13:33 - 00000000 _SHDL C:\Users\Bill\Documents\My Videos
2016-12-18 13:33 - 2016-12-18 13:33 - 00000000 _SHDL C:\Users\Bill\Documents\My Pictures
2016-12-18 13:33 - 2016-12-18 13:33 - 00000000 _SHDL C:\Users\Bill\Documents\My Music
2016-12-18 13:33 - 2010-11-21 02:16 - 00000000 ____D C:\Users\Bill\AppData\Roaming\Media Center Programs
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\windows\system32\msvcp110_clr0400.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-24 17:11 - 2014-05-20 10:29 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-12-24 16:36 - 2009-07-13 22:20 - 00000000 ____D C:\windows\rescache
2016-12-24 16:32 - 2009-07-13 23:45 - 00029552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-24 16:32 - 2009-07-13 23:45 - 00029552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-24 15:29 - 2009-07-14 00:13 - 00781298 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-24 15:29 - 2009-07-13 22:20 - 00000000 ____D C:\windows\inf
2016-12-24 15:24 - 2009-07-14 00:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-12-24 15:23 - 2009-07-14 00:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-24 14:34 - 2009-07-13 21:34 - 00000215 _____ C:\windows\system.ini
2016-12-20 19:47 - 2014-05-20 10:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-12-19 19:15 - 2014-05-21 02:40 - 00000000 ____D C:\windows\Panther
2016-12-19 18:24 - 2009-07-13 22:20 - 00000000 ____D C:\windows\security
2016-12-19 18:24 - 2009-07-13 22:20 - 00000000 ____D C:\windows\PolicyDefinitions
2016-12-19 17:38 - 2009-07-13 22:20 - 00000000 ____D C:\windows\AppCompat
2016-12-18 22:19 - 2014-05-20 10:26 - 00774004 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-12-18 21:29 - 2009-07-13 23:45 - 00282616 _____ C:\windows\system32\FNTCACHE.DAT
2016-12-18 21:08 - 2014-05-20 10:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-18 20:03 - 2009-07-13 23:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-18 19:53 - 2009-07-13 22:20 - 00000000 ____D C:\windows\tracing
2016-12-18 19:53 - 2009-07-13 22:20 - 00000000 ____D C:\windows\SysWOW64\Dism
2016-12-18 19:53 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\Dism
2016-12-18 19:53 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2016-12-18 19:53 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-18 16:04 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\NDF
2016-12-18 15:26 - 2009-07-14 00:32 - 00028672 _____ C:\windows\system32\config\BCD-Template
2016-12-18 15:17 - 2014-05-20 10:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-18 15:16 - 2014-05-20 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba
2016-12-18 15:16 - 2014-05-20 10:30 - 00000000 ____D C:\Program Files\Toshiba
2016-12-18 15:11 - 2014-05-20 10:29 - 00802904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-12-18 15:11 - 2014-05-20 10:29 - 00144472 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-18 15:11 - 2014-05-20 10:29 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-12-18 15:11 - 2014-05-20 10:29 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-12-18 15:11 - 2014-05-20 10:29 - 00000000 ____D C:\windows\system32\Macromed
2016-12-18 14:36 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-12-18 13:34 - 2010-11-21 02:06 - 00000000 ____D C:\windows\SysWOW64\sysprep
2016-12-18 13:34 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\Sysprep
2016-12-18 13:32 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries

==================== Files in the root of some directories =======

2016-12-18 20:17 - 2016-12-18 20:17 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-12-18 14:46 - 2016-12-18 14:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Bill\AppData\Local\Temp\dllnt_dump.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-24 16:26
Reply With Quote
  #7  
Old December 25th, 2016, 12:14 AM
bot96 bot96 is offline
Senior Member
 
Join Date: Jun 2012
Posts: 186
Ran Combofix this morning and found it. Thanks for your help.
Reply With Quote
  #8  
Old December 25th, 2016, 08:07 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,085
Not real sure what your last post meant. Thanks, and adios, or thanks, let's carry on. If we are carrying on, please post the C:\combofix.txt log before we move forward.

If adios, be sure to uninstall Advanced Spyware Remover. You do not want to be using Iobit software, for many reasons.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 10:53 AM.