Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Reply
 
Topic Tools
  #1  
Old January 26th, 2017, 03:37 AM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
Suspicious "Secure search" bar appeared - unable to remove.

Hi,

I have recently had Jintan helping me here:

http://www.cybertechhelp.com/forums/...=232061&page=3

I then moved to the windows 7 forums for some queries there.

But I'm back in here in hope of some help please.

I have just upgraded from vista to windows 7, lots of updating etc has been getting done.

Now, the last day or 2 I have noticed that a search bar at the top of my google page randomly appears at times, this is in chrome/firefox and IE. The search bar has the words "secure search" in it. It redirects me to a bing search and also sometimes to other material that I don't want to see. This as only started to happen the last day or 2 and I've never seen this before.

I have tried all of the obvious things to do with default searches etc but no joy. It doesn't appear every time i open a new tab, just at random times. From my searches on the internet it could indicate malware etc. I've done a malwarebytes scan but this has not detected anything.

Also when I right click the mouse button, randomly the "windows installer" box flashes up for a second or 2 then comes to nothing. Also at times it pops up on it's own then disappears.

Any help on these 2 issues, I would be very grateful.

Thanks,

Ben.
Reply With Quote


  #2  
Old January 26th, 2017, 12:21 PM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
Hi,

I just wanted to update. As the system and browsing become increasingly unstable I ran adwcleaner, it came back with 22 threats.

I have cleaned all of these out, I'll post the log file below. I'm not sure if repairs are needed after this.

# AdwCleaner v6.042 - Logfile created 26/01/2017 at 11:06:10
# Updated on 06/01/2017 by Malwarebytes
# Database : 2017-01-26.1 [Server]
# Operating System : Windows 7 Ultimate Service Pack 1 (X86)
# Username : Ben - BEN-PC
# Running from : C:\Users\Ben\Desktop\adwcleaner_6.042.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: swdumon


***** [ Folders ] *****

[-] Folder deleted: C:\Users\Ben\AppData\Local\slimware utilities inc
[#] Folder deleted on reboot: C:\Users\Ben\AppData\Local\SlimWare Utilities Inc
[-] Folder deleted: C:\Users\Ben\AppData\Roaming\DesktopIconForAmazon
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder deleted: C:\Users\Public\Documents\Downloaded Installers
[-] Folder deleted: C:\Program Files\myfree codec
[-] Folder deleted: C:\Windows\system32\C2MP


***** [ Files ] *****

[-] File deleted: C:\Windows\system32\drivers\swdumon.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\OpcMp4.OpcMp4Player
[-] Key deleted: HKLM\SOFTWARE\Classes\OpcMp4.OpcMp4Player.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Key deleted: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\Software\DriverTuner
[-] Key deleted: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\Software\DriverTuner_Init
[-] Key deleted: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\Software\SlimWare Utilities Inc
[-] Key deleted: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\Software\Microsoft\Windows\CurrentVersion\Uni nstall\MyFreeCodec
[#] Key deleted on reboot: HKCU\Software\DriverTuner
[#] Key deleted on reboot: HKCU\Software\DriverTuner_Init
[#] Key deleted on reboot: HKCU\Software\SlimWare Utilities Inc
[-] Key deleted: HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key deleted: HKLM\SOFTWARE\WISECLEANER
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Uni nstall\MyFreeCodec
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\ipmkfpcnmcc ejididiaagpgchgjfajgp


***** [ Web browsers ] *****

[-] [C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] Deleted: ipmkfpcnmccejididiaagpgchgjfajgp
[-] [C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] Deleted: pilplloabdedfmialnfchjomjmpjcoej
[-] [C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3] [extension] Deleted: ipmkfpcnmccejididiaagpgchgjfajgp


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2778 Bytes] - [26/01/2017 11:06:10]
C:\AdwCleaner\AdwCleaner[S0].txt - [2882 Bytes] - [26/01/2017 11:01:57]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2924 Bytes] ##########
Reply With Quote
  #3  
Old January 26th, 2017, 01:55 PM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
I also ran rogue killer. I have not removed anything, as I'm not sure which to remove or keep, but it did show a number of threats. I'll post the report below for information.

Any help to clear these issues, would be great.

RogueKiller V12.9.5.0 [Jan 23 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Ben [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Scan -- Date : 01/26/2017 11:43:18 (Duration : 01:04:01)

Processes : 0

Registry : 11
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98} (C:\Program Files\MyFree Codec\1.0b beta\XVID-CORE\xvid.ax) -> Found
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{64697678-0000-0010-8000-00AA00389B71} (C:\Program Files\MyFree Codec\1.0b beta\XVID-CORE\xvid.ax) -> Found
[PUP.Gen0] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96} (C:\PROGRA~1\COMMON~1\WONDER~1\WONDER~1\WSHelper.e xe) -> Found
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2} (C:\Program Files\MyFree Codec\1.0b beta\MyFree.ax) -> Found
[PUP.Gen1] HKEY_USERS\S-1-5-21-1289019028-3489076271-160467946-1003\Software\OCS -> Found
[PUP.Gen0] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S WDUMon (system32\DRIVERS\SWDUMon.sys) -> Found
[PUM.Proxy] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N laSvc\Parameters\Internet\ManualProxies | (default) : -> Found
[PUM.HomePage] HKEY_USERS\S-1-5-21-1289019028-3489076271-160467946-1003\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bbc.co.uk/ -> Found
[PUM.SearchPage] HKEY_USERS\S-1-5-21-1289019028-3489076271-160467946-1003\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\T cpip\Parameters | DhcpNameServer : 172.31.79.142 172.31.79.144 157.54.104.75 157.54.14.146 157.54.14.162 157.54.80.10 ([][][United States][United States][-][United States]) -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\T cpip\Parameters\Interfaces\{F6719FED-F4BC-4A57-BF38-9FC9A39C7E93} | DhcpNameServer : 172.31.79.142 172.31.79.144 157.54.104.75 157.54.14.146 157.54.14.162 157.54.80.10 ([][][United States][United States][-][United States]) -> Found

Tasks : 0

Files : 0

WMI : 0

Hosts File : 0

Antirootkit : 0 (Driver: Loaded)

Web browsers : 3
[PUM.HomePage][Firefox:Config] 41z0j4bg.default-1465414280271 : user_pref("browser.startup.homepage", "http://www.bbc.co.uk/"); -> Found
[PUM.HomePage][Chrome:Config] Profile 3 [SecurePrefs] : homepage [http://www.bbc.co.uk/] -> Found
[PUM.HomePage][Chrome:Config] Profile 3 [SecurePrefs] : session.startup_urls [http://www.bbc.co.uk/] -> Found

MBR Check :
+++++ PhysicalDrive0: WDC WD3200BEKT-75PVMT0 +++++
--- User ---
[MBR] d2f1bc23e1e54854de8aabd9082c402d
[BSP] 263852203307ddc10630fcb24e89c5f4 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 9822 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 20117504 | Size: 295421 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Ricoh SD/MMC Disk Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! ([32] The request is not supported. )
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive2: Ricoh Memory Stick Disk Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

Last edited by JIO22; January 26th, 2017 at 01:58 PM.
Reply With Quote
  #4  
Old January 26th, 2017, 04:47 PM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
Just an update.

Since running the adwcleaner and cleaning all of those items out, I haven't seen the "secure search" bar since - so this is more promising.

As above those things are still there in the rogue killer findings.

For the other issue I ran the CAT tool, and using the windows installer repair option to try it. This has helped as I can now install windows live essentials to windows 7, prior to running CAT this was another issue, I had with with windows installer and it wouldn't install.

Unfortunately I'm still getting the windows installer box flashing up at random times for a split second and/or when pressing clicking the right mouse button on the desktop.
Reply With Quote
  #5  
Old January 27th, 2017, 01:26 AM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 51,943
A pro at ADWCleaner and CAT it seems. Go to Windows Update in Control Panel - Change settings. Does that look okay?
Reply With Quote
  #6  
Old January 27th, 2017, 02:26 AM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
Hi Tom,

I don't really trust myself with this stuff to be honest... You guys are the experts in this field.

Yes that looks fine, the settings are as they should be, and, windows update works perfect.

I'm not sure if there is still malware or infections somewhere?

The windows installer is still flashing up to, not all the time the right button is clicked though, just sometimes.
Reply With Quote
  #7  
Old January 27th, 2017, 11:11 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 51,943
Actually, since Cat makes mistakes just like AdwCleaner and Rogue Killer does, you shouldn't be able to make changes to the update setting, so maybe check that again. My mentioning it all is just that you shouldn't use the software we suggest here independently unless you have had training on it.

You also really should not have two opens threads on the same system, since you may get conflicting changes suggested on both, so I suggest you post in your other thread that you are again receiving assistance here. My mistake for asking a Mod to move it.

Post a new FRST scan log please.
Reply With Quote
  #8  
Old January 28th, 2017, 12:16 AM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
Hi Tom,

Please accept my apologies, the only reason I used them (with caution) was purely to help my situation, because of the quick differences I was seeing. And I am also conscious of causing more bad than good also.

I'll post in my other thread to let them know I am receiving guidance here, it was very unfortunate that this has happened..... The back up issue was for the other thread, that was the remaining issue - now this has happened. I couldn't move that thread back here, and I was left with the option of creating a new one here to seek help again.

No problem, it's not your mistake for asking for it to be moved, it was the only issue remaining - so that couldn't be helped.

The windows update settings all look ok and I can change them, I've looked at these and it appears to be working as it should. I'll post the scan below once completed.
Reply With Quote
  #9  
Old January 28th, 2017, 12:25 AM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-01-2017
Ran by Ben (administrator) on BEN-PC (27-01-2017 23:14:11)
Running from C:\Users\Ben\Desktop
Loaded Profiles: Ben (Available Profiles: Ben)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Sony Corporation) C:\Program Files\sony\Marketing Tools\MarketingTools.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.32.7\GoogleCrashHandler.ex e
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Sony Corporation) C:\Program Files\sony\Network Utility\LANUtil.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
(Sony Corporation) C:\Program Files\sony\Network Utility\NSUService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(ArcSoft, Inc.) C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Wondershare) C:\Program Files\Wondershare\WAF\2.2.0.5\WsAppService.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update\VAIOUpdt.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\SPMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files\sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-20] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584 2007-03-10] (Synaptics, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM\...\Run: [Monitor] => C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe [124544 2016-02-11] (LeapFrog Enterprises, Inc.)
HKLM\...\Run: [MarketingTools] => C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [24576 2011-08-13] (Sony Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2017-01-19] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2016-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2008-12-09] (Sony Corporation)
HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [65024 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\Run: [NSUFloatingUI] => C:\Program Files\Sony\Network Utility\LANUtil.exe [270336 2008-11-05] (Sony Corporation)
HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-01-20] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9D6DADE0-10C1-4706-85D6-CAB0F4FDDDAB}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DFB36763-18C1-4E9D-9E2C-1DE555C9C05C}: [DhcpNameServer] 192.168.0.1
ManualProxies:

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1289019028-3489076271-160467946-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1289019028-3489076271-160467946-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-1289019028-3489076271-160467946-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bbc.co.uk/
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E83252D4-35F3-4E7C-ADA8-88015CBC4015} URL = hxxp://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1289019028-3489076271-160467946-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1289019028-3489076271-160467946-1003 -> {E83252D4-35F3-4E7C-ADA8-88015CBC4015} URL =
SearchScopes: HKU\S-1-5-21-1289019028-3489076271-160467946-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1289019028-3489076271-160467946-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profi les\41z0j4bg.default-1465414280271 [2017-01-26]
FF NewTab: Mozilla\Firefox\Profiles\41z0j4bg.default-1465414280271 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\41z0j4bg.default-1465414280271 -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\41z0j4bg.default-1465414280271 -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\41z0j4bg.default-1465414280271 -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\41z0j4bg.default-1465414280271 -> Google
FF Homepage: Mozilla\Firefox\Profiles\41z0j4bg.default-1465414280271 -> hxxp://www.bbc.co.uk/
FF Keyword.URL: Mozilla\Firefox\Profiles\41z0j4bg.default-1465414280271 -> hxxps://www.google.com/search?bcutc=sp-006
FF Extension: (Adguard AdBlocker) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profi les\41z0j4bg.default-1465414280271\Extensions\adguardadblocker@adguard. com.xpi [2017-01-14]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profi les\41z0j4bg.default-1465414280271\Extensions\marcoagpinto@mail.telepac .pt [2017-01-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2017-01-22] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_ 194.dll [2017-01-20] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1225195 .dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1 .dll [2017-01-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-25] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-25] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-01-03]

Chrome:
=======
CHR DefaultProfile: Profile 3
CHR HomePage: Profile 3 -> hxxp://www.bbc.co.uk/
CHR StartupUrls: Profile 3 -> "hxxp://www.bbc.co.uk/"
CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-01-22]
CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-22]
CHR Extension: (Google Docs) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-22]
CHR Extension: (Adguard AdBlocker) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2017-01-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-22]
CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-01-27]
CHR Extension: (Adguard AdBlocker) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2017-01-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-22]
CHR Extension: (Chrome Media Router) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2008-08-01] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-20] (AVAST Software)
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2571704 2012-12-03] (WIBU-SYSTEMS AG)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-05-22] (Teruten) [File not signed]
S3 GoogleDesktopManager-092308-165331; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2008-10-22] (Google)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [303104 2008-11-05] (Sony Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [114688 2009-04-01] (Sony Corporation) [File not signed]
S3 rpcapd; C:\Program Files\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SOHDBSvr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [72856 2012-03-06] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [93336 2012-03-06] (Sony Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResou rceManager\VzHardwareResourceManager.exe [69632 2009-03-05] (Sony Corporation) [File not signed]
R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [203624 2008-12-09] (Sony Corporation)
R2 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [411488 2008-09-05] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [480624 2009-09-16] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-03-05] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1220376 2016-03-31] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2009-03-05] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17920 2008-04-24] (ArcSoft, Inc.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2017-01-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2017-01-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2017-01-22] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2017-01-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2017-01-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2017-01-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2017-01-22] (AVAST Software)
S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [184592 2017-01-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2017-01-20] (AVAST Software)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed]
R2 NPF; C:\Windows\system32\drivers\npf.sys [35088 2016-11-20] (CACE Technologies, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-27 23:14 - 2017-01-27 23:15 - 00020885 _____ C:\Users\Ben\Desktop\FRST.txt
2017-01-27 23:13 - 2017-01-27 23:13 - 01762816 _____ (Farbar) C:\Users\Ben\Desktop\FRST.exe
2017-01-27 22:36 - 2017-01-27 22:36 - 00000000 ____H C:\ProgramData\cm-lock
2017-01-26 18:52 - 2017-01-26 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-01-26 18:39 - 2017-01-26 19:10 - 00000000 ____D C:\Program Files\MSECACHE
2017-01-26 15:15 - 2017-01-26 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-01-26 15:13 - 2017-01-26 15:15 - 00000000 ____D C:\Program Files\iTunes
2017-01-26 15:13 - 2017-01-26 15:13 - 00000000 ____D C:\Program Files\iPod
2017-01-26 15:11 - 2017-01-26 15:11 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-01-26 15:11 - 2017-01-26 15:11 - 00000000 ____D C:\Program Files\Apple Software Update
2017-01-26 15:10 - 2017-01-26 15:10 - 00000000 ____D C:\Program Files\Bonjour
2017-01-26 14:25 - 2017-01-26 14:25 - 00001251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2017-01-26 14:25 - 2017-01-26 14:25 - 00000000 ____D C:\Windows\en
2017-01-26 14:24 - 2017-01-26 14:24 - 00001320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2017-01-26 13:40 - 2017-01-26 13:40 - 00000000 ____D C:\Users\Ben\AppData\Local\{97D9D065-1D42-4C20-AB82-DCB2CCC2D701}
2017-01-26 13:26 - 2017-01-26 13:26 - 00000000 ____D C:\Users\Ben\AppData\Local\{3A444AD9-EC2C-4C92-AB46-1501F2494963}
2017-01-26 12:40 - 2017-01-26 12:40 - 00000000 ____D C:\Users\Ben\AppData\Local\{B0319581-B81E-48BF-8C27-9E322E5F813B}
2017-01-26 12:28 - 2017-01-26 12:28 - 00000000 ____D C:\Users\Ben\AppData\Local\{3E733F03-9336-4E95-BD7B-068589938CCD}
2017-01-26 11:38 - 2017-01-26 11:38 - 00001001 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-01-26 11:38 - 2017-01-26 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-01-26 10:56 - 2017-01-26 15:30 - 00000000 ____D C:\AdwCleaner
2017-01-26 10:55 - 2017-01-26 10:56 - 03988944 _____ C:\Users\Ben\Desktop\adwcleaner_6.042.exe
2017-01-26 01:54 - 2017-01-26 02:20 - 00000000 ____D C:\Program Files\Windows Live
2017-01-26 01:52 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2017-01-26 01:52 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2017-01-26 01:52 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2017-01-26 01:52 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-01-26 01:48 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2017-01-26 01:32 - 2017-01-26 01:32 - 00000000 ____D C:\Users\Ben\AppData\Local\{2558C362-5F50-4125-BADC-496170B3CBA8}
2017-01-26 01:14 - 2017-01-26 01:14 - 00000000 ____D C:\Users\Ben\AppData\Local\{915873F9-FF99-4138-B6A1-40473D6A986B}
2017-01-26 01:07 - 2017-01-26 01:07 - 00000000 ____D C:\Users\Ben\AppData\Local\{4C5330A9-E5EE-4E8D-89D8-6C81A9894E64}
2017-01-26 01:02 - 2017-01-26 01:02 - 00000000 ____D C:\Users\Ben\AppData\Local\{37A5D038-C054-4E5D-AE93-2798934CD177}
2017-01-26 00:56 - 2017-01-26 00:56 - 00000000 ____D C:\Users\Ben\AppData\Local\{551E306C-656C-4E58-B8CE-8FD79AB7C665}
2017-01-26 00:29 - 2017-01-26 00:29 - 00000000 ____D C:\Users\Ben\AppData\Local\{AFAFC914-19A3-4C9A-A9F1-AB9E2BF24536}
2017-01-25 23:34 - 2017-01-25 23:34 - 00000000 ____D C:\Users\Ben\AppData\Local\{44F8F98A-3E7D-456A-8875-35AC619F0E46}
2017-01-25 23:28 - 2017-01-25 23:28 - 00000000 ____D C:\Users\Ben\AppData\Local\{3926047C-60B4-4287-B3F8-BD61CAFA4A94}
2017-01-25 21:24 - 2017-01-25 21:24 - 00000000 ____D C:\Program Files\GUMCA8F.tmp
2017-01-25 21:14 - 2017-01-25 21:15 - 00000000 ____D C:\Program Files\GUMEC03.tmp
2017-01-25 19:55 - 2017-01-26 11:32 - 00002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-24 15:34 - 2015-12-20 18:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-01-24 15:34 - 2015-12-20 18:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-01-24 15:34 - 2015-12-20 16:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-01-24 15:34 - 2015-07-16 19:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-01-24 15:34 - 2015-07-16 19:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2017-01-24 15:34 - 2015-07-16 19:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2017-01-24 15:34 - 2015-07-16 15:14 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-01-24 15:34 - 2014-12-11 17:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2017-01-24 15:32 - 2016-05-13 21:50 - 02945536 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-01-24 15:32 - 2016-05-13 21:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-01-24 15:32 - 2016-05-13 21:47 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-01-24 15:32 - 2016-05-13 21:39 - 02060288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-01-24 15:32 - 2016-05-13 21:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-01-24 15:32 - 2016-05-13 21:38 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-01-24 15:32 - 2016-05-13 21:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-01-24 15:32 - 2016-05-13 21:38 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-01-24 15:32 - 2016-05-13 21:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-01-24 15:32 - 2016-05-13 21:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-01-24 15:32 - 2016-05-13 21:38 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-01-24 15:31 - 2016-08-16 20:27 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-01-24 15:31 - 2016-08-16 20:27 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-01-24 15:31 - 2016-08-16 20:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-01-24 15:31 - 2016-08-16 20:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-01-24 15:31 - 2016-08-16 20:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-01-24 15:31 - 2016-08-16 20:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-01-24 15:31 - 2016-08-16 20:26 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-01-24 07:47 - 2012-08-23 14:46 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\terminpt.sys
2017-01-24 07:47 - 2012-08-23 14:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2017-01-24 07:47 - 2012-08-23 11:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2017-01-24 07:29 - 2017-01-24 07:29 - 133456224 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-24 07:20 - 2013-10-02 00:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2017-01-24 07:20 - 2013-10-02 00:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyCon trol.exe
2017-01-24 07:20 - 2013-10-02 00:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExt ension.dll
2017-01-24 07:20 - 2013-10-02 00:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2017-01-24 07:20 - 2013-10-02 00:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2017-01-24 07:20 - 2013-10-01 23:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2017-01-24 07:20 - 2013-10-01 22:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-01-24 07:10 - 2015-08-05 17:40 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-01-24 07:10 - 2015-08-05 16:58 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-01-24 07:09 - 2015-12-16 18:43 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2017-01-24 07:09 - 2015-12-16 18:43 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2017-01-24 07:09 - 2015-12-16 18:43 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2017-01-24 05:04 - 2016-11-12 18:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-01-24 05:04 - 2016-11-12 18:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-01-24 05:04 - 2016-11-12 18:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-01-24 05:04 - 2016-11-12 18:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-01-24 05:04 - 2016-11-12 18:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-01-24 05:04 - 2016-11-12 18:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-01-24 05:04 - 2016-11-12 18:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-01-24 05:04 - 2016-11-12 18:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-01-24 05:04 - 2016-11-12 18:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-24 05:04 - 2016-11-12 18:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-01-24 05:04 - 2016-11-12 17:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-24 05:04 - 2016-11-12 17:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-01-24 05:04 - 2012-02-11 05:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2017-01-24 05:04 - 2011-03-11 05:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2017-01-24 05:04 - 2011-03-11 05:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2017-01-24 05:04 - 2011-03-11 05:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2017-01-24 05:04 - 2011-03-11 05:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2017-01-24 05:04 - 2011-03-11 05:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2017-01-24 05:04 - 2011-03-11 05:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2017-01-24 05:04 - 2011-03-11 05:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2017-01-24 05:03 - 2017-01-05 17:46 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-24 05:03 - 2017-01-05 17:46 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-24 05:03 - 2017-01-05 17:43 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-24 05:03 - 2017-01-05 17:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-24 05:03 - 2017-01-05 17:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-24 05:03 - 2017-01-05 17:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-24 05:03 - 2017-01-05 17:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-24 05:03 - 2017-01-05 17:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-24 05:03 - 2017-01-05 17:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-24 05:03 - 2017-01-05 17:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-24 05:03 - 2017-01-05 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-24 05:03 - 2017-01-05 17:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-24 05:03 - 2016-11-20 16:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-01-24 05:03 - 2016-11-20 14:07 - 00373896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-01-24 05:03 - 2016-11-17 16:27 - 00250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-01-24 05:03 - 2016-11-14 22:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-01-24 05:03 - 2016-11-12 18:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-01-24 05:03 - 2016-11-12 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-01-24 05:03 - 2016-11-12 18:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-01-24 05:03 - 2016-11-12 18:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-01-24 05:03 - 2016-11-12 18:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-01-24 05:03 - 2016-11-12 18:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-01-24 05:03 - 2016-11-12 18:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-01-24 05:03 - 2016-11-12 18:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-01-24 05:03 - 2016-11-12 17:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-01-24 05:03 - 2016-11-12 17:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-01-24 05:03 - 2016-11-12 17:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-01-24 05:03 - 2016-11-12 17:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-01-24 05:03 - 2016-11-12 17:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-01-24 05:03 - 2016-11-12 17:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-01-24 05:03 - 2016-11-12 17:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-01-24 05:03 - 2016-11-12 17:38 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-01-24 05:03 - 2016-11-12 17:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-01-24 05:03 - 2016-11-12 17:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-01-24 05:03 - 2016-11-12 17:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-01-24 05:03 - 2016-11-12 17:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-01-24 05:03 - 2016-11-12 17:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-01-24 05:03 - 2016-11-12 17:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-01-24 05:03 - 2016-11-10 16:19 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-01-24 05:03 - 2016-11-09 16:24 - 00105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-01-24 05:03 - 2016-11-09 16:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-01-24 05:03 - 2016-11-09 16:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-01-24 05:03 - 2016-11-09 16:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-01-24 05:03 - 2016-11-09 16:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-01-24 05:03 - 2016-11-09 16:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-01-24 05:03 - 2016-11-09 16:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-01-24 05:03 - 2016-11-09 15:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-01-24 05:03 - 2016-11-06 16:16 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-01-24 05:03 - 2016-11-06 15:55 - 02399744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-01-24 05:03 - 2016-11-02 15:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-01-24 05:03 - 2016-11-02 15:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-01-24 05:03 - 2016-11-02 15:16 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-01-24 05:03 - 2016-11-02 15:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-01-24 05:03 - 2016-11-02 14:53 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-01-24 05:03 - 2016-10-27 15:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-01-24 05:03 - 2016-10-15 15:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-01-24 05:03 - 2016-10-15 15:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-01-24 05:03 - 2016-10-11 15:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-01-24 05:03 - 2016-10-11 15:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-01-24 05:03 - 2016-10-11 15:21 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-01-24 05:03 - 2016-10-11 15:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-01-24 05:03 - 2016-10-11 15:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-01-24 05:03 - 2016-10-11 15:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-01-24 05:03 - 2016-10-11 15:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-01-24 05:03 - 2016-10-11 15:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-01-24 05:03 - 2016-10-11 15:18 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-01-24 05:03 - 2016-10-11 15:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-01-24 05:03 - 2016-10-11 15:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-01-24 05:03 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-01-24 05:03 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-01-24 05:03 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-01-24 05:03 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-01-24 05:03 - 2016-10-11 15:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-01-24 05:03 - 2016-10-11 15:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-01-24 05:03 - 2016-10-11 15:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-01-24 05:03 - 2016-10-11 15:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-01-24 05:03 - 2016-10-11 15:18 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-01-24 05:03 - 2016-10-11 15:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-01-24 05:03 - 2016-10-11 15:18 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-01-24 05:03 - 2016-10-11 15:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-01-24 05:03 - 2016-10-11 14:55 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-01-24 05:03 - 2016-10-11 14:55 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-01-24 05:03 - 2016-10-11 14:55 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-01-24 05:03 - 2016-10-11 14:55 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-01-24 05:03 - 2016-10-11 14:53 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-01-24 05:03 - 2016-10-11 14:51 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-01-24 05:03 - 2016-10-11 14:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-01-24 05:03 - 2016-10-11 13:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-01-24 05:03 - 2016-10-11 13:18 - 00419648 _____ C:\Windows\system32\locale.nls
2017-01-24 05:03 - 2016-10-08 13:05 - 00534600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-01-24 05:03 - 2016-10-07 15:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-01-24 05:03 - 2016-10-07 15:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-01-24 05:03 - 2016-10-07 15:12 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2017-01-24 05:03 - 2016-10-07 15:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-01-24 05:03 - 2016-10-05 14:50 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-01-24 05:03 - 2016-10-04 15:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-01-24 05:03 - 2016-10-04 15:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-01-24 05:03 - 2016-10-04 15:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-01-24 05:03 - 2016-10-04 15:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-01-24 05:03 - 2016-09-15 14:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-01-24 05:03 - 2016-09-12 20:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-01-24 05:03 - 2016-09-12 19:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-01-24 05:03 - 2016-09-12 19:08 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-01-24 05:03 - 2016-09-09 18:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-01-24 05:03 - 2016-09-08 20:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-01-24 05:03 - 2016-09-08 20:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-01-24 05:03 - 2016-09-08 14:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-01-24 05:03 - 2016-09-08 14:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-01-24 05:03 - 2016-08-21 13:05 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-01-24 05:03 - 2016-08-12 16:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-01-24 05:03 - 2016-08-12 16:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-01-24 05:03 - 2016-08-12 16:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-01-24 05:03 - 2016-08-12 16:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-01-24 05:03 - 2016-08-12 16:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
Reply With Quote
  #10  
Old January 28th, 2017, 12:29 AM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
2017-01-24 05:03 - 2016-08-12 16:21 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-01-24 05:03 - 2016-08-06 15:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-01-24 05:03 - 2016-08-06 15:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-01-24 05:03 - 2016-08-06 15:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-01-24 05:03 - 2016-08-06 15:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-01-24 05:03 - 2016-08-06 15:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-01-24 05:03 - 2016-08-06 14:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-01-24 05:03 - 2016-08-06 14:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-01-24 05:03 - 2016-08-06 14:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-01-24 05:03 - 2016-06-14 15:25 - 00078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-01-24 05:03 - 2016-06-14 15:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-01-24 05:03 - 2016-06-14 15:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-01-24 05:03 - 2016-06-14 15:17 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-01-24 05:03 - 2016-06-14 15:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-01-24 05:03 - 2016-06-14 15:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-01-24 05:03 - 2016-06-14 15:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-01-24 05:03 - 2016-06-14 15:00 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-01-24 05:03 - 2016-06-14 14:55 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-01-24 05:03 - 2016-06-14 14:55 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-01-24 05:03 - 2016-06-14 14:54 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-01-24 05:01 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2017-01-24 05:01 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2017-01-24 05:01 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2017-01-24 05:01 - 2014-07-09 01:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2017-01-24 05:01 - 2014-07-09 01:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2017-01-24 04:41 - 2017-01-24 04:41 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-01-24 04:41 - 2017-01-24 04:41 - 00000000 ____D C:\Windows\system32\appraiser
2017-01-24 02:01 - 2016-09-12 20:54 - 00067816 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-01-24 02:01 - 2016-09-12 20:49 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-01-24 02:01 - 2016-09-09 15:53 - 01406976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-01-24 02:01 - 2016-09-09 15:53 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-01-24 02:01 - 2016-09-09 15:53 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-01-24 02:01 - 2016-09-09 15:53 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-01-24 02:01 - 2016-09-09 15:53 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-01-24 02:01 - 2016-09-09 15:53 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-01-24 02:01 - 2016-09-09 15:53 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-01-24 02:01 - 2016-03-23 22:39 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-01-24 02:00 - 2016-04-14 13:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-01-24 02:00 - 2016-04-09 04:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-01-24 01:58 - 2015-07-30 17:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-01-24 01:53 - 2013-11-26 08:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-01-24 01:13 - 2015-12-08 21:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-01-24 01:08 - 2015-02-04 02:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-01-23 13:38 - 2012-07-26 03:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2017-01-23 13:38 - 2012-07-26 03:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2017-01-23 13:38 - 2012-07-26 03:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2017-01-23 13:38 - 2012-07-26 03:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2017-01-23 13:38 - 2012-07-26 03:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2017-01-23 13:38 - 2012-07-26 02:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2017-01-23 13:38 - 2012-07-26 02:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2017-01-23 13:38 - 2012-06-02 14:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_ Inbox_Critical.Wdf
2017-01-23 13:35 - 2014-06-30 22:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2017-01-23 13:35 - 2014-06-06 06:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2017-01-23 13:35 - 2014-03-09 21:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2017-01-23 13:35 - 2014-03-09 21:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2017-01-23 13:33 - 2012-03-01 05:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2017-01-23 13:33 - 2012-03-01 05:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2017-01-23 12:54 - 2017-01-23 12:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2017-01-23 12:54 - 2017-01-23 12:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2017-01-23 12:54 - 2017-01-23 12:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2017-01-23 12:54 - 2017-01-23 12:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2017-01-23 12:54 - 2017-01-23 12:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-01-23 12:54 - 2017-01-23 12:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2017-01-23 12:54 - 2017-01-23 12:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2017-01-23 12:54 - 2017-01-23 12:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2017-01-23 12:53 - 2017-01-23 12:53 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2017-01-23 12:50 - 2017-01-23 12:50 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-01-23 12:50 - 2017-01-23 12:50 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-01-23 12:48 - 2017-01-23 12:48 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2017-01-23 12:46 - 2015-07-30 13:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNativ e_v0300.dll
2017-01-23 12:45 - 2017-01-23 12:45 - 00000000 ____D C:\Windows\PCHEALTH
2017-01-23 04:29 - 2015-01-09 02:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2017-01-23 04:29 - 2015-01-09 02:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2017-01-23 04:29 - 2015-01-09 02:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2017-01-23 04:24 - 2016-05-11 15:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-01-23 04:24 - 2015-01-29 03:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2017-01-23 04:24 - 2013-10-04 01:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dl l
2017-01-23 04:24 - 2013-10-04 01:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2017-01-23 04:24 - 2013-07-03 03:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2017-01-23 04:24 - 2013-07-03 03:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2017-01-23 04:24 - 2012-07-04 19:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2017-01-23 04:23 - 2016-02-03 17:59 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2017-01-23 04:23 - 2013-02-12 03:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2017-01-23 04:22 - 2016-02-09 09:50 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2017-01-23 04:22 - 2016-02-02 18:48 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-01-23 04:22 - 2015-11-11 18:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-01-23 04:22 - 2015-11-11 18:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2017-01-23 04:22 - 2012-11-02 05:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2017-01-23 04:22 - 2011-06-16 04:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2017-01-23 04:21 - 2016-03-16 18:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2017-01-23 04:21 - 2016-03-16 18:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2017-01-23 04:21 - 2016-02-04 18:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-01-23 04:21 - 2015-08-27 17:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-01-23 04:21 - 2015-08-27 17:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2017-01-23 04:21 - 2015-07-09 17:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2017-01-23 04:21 - 2015-07-09 17:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2017-01-23 04:21 - 2013-10-30 02:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2017-01-23 04:21 - 2011-02-18 05:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2017-01-23 04:20 - 2016-06-25 19:53 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-01-23 04:20 - 2016-06-25 19:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-01-23 04:20 - 2016-06-25 19:53 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-01-23 04:20 - 2016-06-25 19:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-01-23 04:20 - 2016-06-25 19:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-01-23 04:20 - 2016-06-25 19:41 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-01-23 04:20 - 2016-03-17 22:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-01-23 04:20 - 2016-03-17 22:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-01-23 04:20 - 2016-03-17 22:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-01-23 04:20 - 2016-03-17 22:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 21:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-01-23 04:20 - 2016-03-17 21:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 21:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 21:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-23 04:20 - 2016-03-17 21:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-23 04:20 - 2016-03-09 18:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2017-01-23 04:20 - 2015-08-05 17:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2017-01-23 04:20 - 2015-06-03 20:20 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-01-23 04:20 - 2015-06-03 20:16 - 00470704 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-01-23 04:20 - 2014-11-11 02:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2017-01-23 04:20 - 2013-01-24 04:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2017-01-23 04:20 - 2011-03-03 05:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-01-23 04:20 - 2011-03-03 05:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-01-23 04:20 - 2011-03-03 05:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2017-01-23 04:19 - 2014-03-04 09:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2017-01-23 04:19 - 2014-03-04 09:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2017-01-23 04:19 - 2014-03-04 09:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2017-01-23 04:19 - 2014-03-04 09:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2017-01-23 04:19 - 2014-03-04 09:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2017-01-23 04:19 - 2014-03-04 09:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2017-01-23 04:19 - 2014-03-04 09:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2017-01-23 04:19 - 2013-10-19 01:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2017-01-23 04:18 - 2016-05-12 15:18 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-01-23 04:18 - 2016-05-12 15:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2017-01-23 04:18 - 2016-05-12 15:18 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-01-23 04:18 - 2016-05-12 15:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-01-23 04:18 - 2016-05-12 15:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2017-01-23 04:18 - 2016-05-12 15:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2017-01-23 04:18 - 2016-05-12 15:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-01-23 04:18 - 2016-05-12 14:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2017-01-23 04:18 - 2016-05-12 14:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2017-01-23 04:18 - 2016-03-09 18:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2017-01-23 04:18 - 2015-10-29 17:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2017-01-23 04:18 - 2015-10-29 17:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2017-01-23 04:18 - 2015-10-29 17:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2017-01-23 04:18 - 2015-10-29 17:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2017-01-23 04:18 - 2015-07-15 17:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2017-01-23 04:18 - 2013-10-12 02:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2017-01-23 04:18 - 2013-10-12 02:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2017-01-23 04:18 - 2013-10-12 01:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2017-01-23 04:18 - 2013-10-12 01:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2017-01-23 04:18 - 2012-08-21 20:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2017-01-23 04:18 - 2011-12-30 05:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2017-01-23 04:18 - 2011-08-17 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2017-01-23 04:18 - 2011-08-17 04:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2017-01-23 04:17 - 2016-05-12 13:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-01-23 04:17 - 2015-10-13 16:31 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-01-23 04:17 - 2015-10-13 16:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-01-23 04:17 - 2014-09-04 05:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-01-23 04:17 - 2013-05-10 03:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2017-01-23 04:17 - 2011-08-27 04:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-01-23 04:17 - 2011-05-24 10:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2017-01-23 04:16 - 2016-07-22 14:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-01-23 04:16 - 2016-03-15 23:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-01-23 04:16 - 2016-03-15 23:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-01-23 04:16 - 2015-11-03 18:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2017-01-23 04:16 - 2015-10-13 04:50 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-01-23 04:16 - 2015-04-11 03:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2017-01-23 04:16 - 2015-03-04 04:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2017-01-23 04:16 - 2014-01-28 02:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-01-23 04:16 - 2013-05-13 03:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-01-23 04:16 - 2013-05-13 03:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2017-01-23 04:16 - 2013-03-19 03:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2017-01-23 04:15 - 2016-08-29 15:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-01-23 04:15 - 2016-08-29 15:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-01-23 04:15 - 2016-08-29 14:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-01-23 04:15 - 2015-07-22 17:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-01-23 04:15 - 2014-02-04 02:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-01-23 04:15 - 2014-02-04 02:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-01-23 04:15 - 2014-02-04 02:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2017-01-23 04:15 - 2014-02-04 02:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2017-01-23 04:15 - 2012-10-03 16:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2017-01-23 04:15 - 2012-10-03 16:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2017-01-23 04:15 - 2012-10-03 16:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2017-01-23 04:14 - 2015-07-09 17:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-01-23 04:14 - 2015-07-09 17:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2017-01-23 04:14 - 2014-06-18 01:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2017-01-23 04:14 - 2012-07-04 21:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2017-01-23 04:14 - 2012-07-04 21:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2017-01-23 04:14 - 2012-07-04 21:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2017-01-23 04:14 - 2012-06-06 05:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-01-23 04:14 - 2011-05-04 04:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-01-23 04:14 - 2011-05-04 04:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-01-23 04:14 - 2011-05-04 04:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-01-23 04:14 - 2011-05-04 04:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-01-23 04:14 - 2011-05-04 04:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-01-23 04:14 - 2011-05-04 04:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-01-23 04:14 - 2011-05-04 04:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-01-23 04:14 - 2011-05-04 04:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-01-23 04:14 - 2011-05-04 04:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-01-23 04:14 - 2011-02-12 05:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2017-01-23 04:13 - 2016-07-07 15:20 - 01309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-01-23 04:13 - 2016-07-07 15:20 - 00240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-01-23 04:13 - 2016-07-07 15:20 - 00187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-01-23 04:13 - 2016-07-07 14:57 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2017-01-23 04:13 - 2016-01-22 06:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-01-23 04:13 - 2016-01-22 06:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2017-01-23 04:13 - 2016-01-21 00:51 - 00057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2017-01-23 04:13 - 2015-05-25 18:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2017-01-23 04:13 - 2015-05-25 18:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2017-01-23 04:13 - 2015-05-25 18:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2017-01-23 04:13 - 2015-05-25 18:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2017-01-23 04:13 - 2015-05-25 18:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2017-01-23 04:13 - 2015-05-25 18:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2017-01-23 04:12 - 2016-08-12 16:21 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-01-23 04:12 - 2016-08-12 16:21 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-01-23 04:12 - 2016-08-12 16:21 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-01-23 04:12 - 2015-04-18 02:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-23 04:12 - 2015-04-13 03:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-01-23 04:12 - 2014-08-01 11:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-01-23 04:12 - 2010-12-23 05:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2017-01-23 04:12 - 2010-12-23 05:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2017-01-23 04:11 - 2015-12-08 21:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-01-23 04:11 - 2014-06-18 22:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2017-01-23 04:11 - 2014-06-18 22:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2017-01-23 04:11 - 2014-06-18 22:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2017-01-23 04:11 - 2012-12-07 12:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2017-01-23 04:11 - 2012-12-07 12:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2017-01-23 04:11 - 2012-12-07 10:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2017-01-23 04:11 - 2012-12-07 10:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2017-01-23 04:10 - 2014-12-19 02:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2017-01-23 04:10 - 2014-10-25 01:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2017-01-23 04:09 - 2016-03-06 18:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-01-23 04:09 - 2016-03-06 18:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-01-23 04:09 - 2015-11-05 19:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2017-01-23 04:09 - 2015-11-05 09:48 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2017-01-23 04:09 - 2011-12-16 07:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2017-01-23 04:09 - 2011-06-15 08:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2017-01-23 04:09 - 2011-06-15 08:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2017-01-23 04:09 - 2011-06-15 08:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2017-01-23 04:09 - 2011-06-15 08:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2017-01-23 04:09 - 2011-06-15 08:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2017-01-23 04:08 - 2016-02-05 18:44 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2017-01-23 04:08 - 2016-02-05 17:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-01-23 04:08 - 2015-11-19 14:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-01-23 04:08 - 2015-11-13 22:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2017-01-23 04:08 - 2015-11-13 22:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2017-01-23 04:08 - 2015-11-13 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2017-01-23 04:08 - 2015-06-03 20:22 - 00355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-01-23 04:08 - 2015-02-03 03:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2017-01-23 04:08 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2017-01-23 04:08 - 2014-07-17 01:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2017-01-23 04:08 - 2014-07-17 01:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-01-23 04:08 - 2014-07-17 01:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2017-01-23 04:08 - 2014-07-17 01:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2017-01-23 04:08 - 2013-10-12 02:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2017-01-23 04:08 - 2013-10-12 02:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2017-01-23 04:08 - 2013-10-12 02:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2017-01-23 04:08 - 2013-08-05 01:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2017-01-23 04:08 - 2013-07-26 01:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-01-23 04:08 - 2012-09-25 22:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2017-01-23 04:08 - 2012-04-26 04:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2017-01-23 04:08 - 2012-04-26 04:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2017-01-23 04:08 - 2012-03-17 07:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2017-01-23 04:08 - 2012-01-04 08:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2017-01-23 04:07 - 2015-07-15 02:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2017-01-23 04:07 - 2012-10-09 17:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2017-01-23 04:07 - 2012-10-09 17:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2017-01-23 04:06 - 2016-05-11 15:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-01-23 04:06 - 2016-05-11 15:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-01-23 04:06 - 2016-05-11 15:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-01-23 04:06 - 2016-05-11 15:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-01-23 04:06 - 2016-05-11 14:52 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-01-23 04:06 - 2015-12-08 21:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2017-01-23 04:06 - 2015-12-08 21:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2017-01-23 04:06 - 2015-12-08 21:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2017-01-23 04:06 - 2015-12-08 21:54 - 01202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2017-01-23 04:06 - 2015-12-08 21:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2017-01-23 04:06 - 2015-12-08 21:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2017-01-23 04:06 - 2015-12-08 21:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-01-23 04:06 - 2015-12-08 21:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2017-01-23 04:06 - 2015-12-08 21:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2017-01-23 04:06 - 2015-12-08 21:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2017-01-23 04:06 - 2015-12-08 21:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2017-01-23 04:06 - 2015-12-08 21:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2017-01-23 04:06 - 2015-12-08 21:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2017-01-23 04:06 - 2015-12-08 21:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2017-01-23 04:06 - 2015-12-08 21:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2017-01-23 04:06 - 2015-12-08 21:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2017-01-23 04:06 - 2015-12-08 21:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2017-01-23 04:06 - 2015-12-08 21:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2017-01-23 04:06 - 2015-12-08 21:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2017-01-23 04:06 - 2015-12-08 21:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2017-01-23 04:06 - 2015-12-08 21:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2017-01-23 04:06 - 2015-12-08 21:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2017-01-23 04:06 - 2015-12-08 21:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2017-01-23 04:06 - 2015-12-08 21:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2017-01-23 04:06 - 2015-12-08 21:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2017-01-23 04:06 - 2015-12-08 21:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2017-01-23 04:06 - 2015-12-08 21:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2017-01-23 04:06 - 2015-12-08 21:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2017-01-23 04:06 - 2015-12-08 21:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2017-01-23 04:06 - 2015-12-08 21:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2017-01-23 04:06 - 2015-12-08 21:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
Reply With Quote
  #11  
Old January 28th, 2017, 12:29 AM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2017-01-23 04:06 - 2015-02-25 03:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-01-23 04:06 - 2014-12-06 03:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2017-01-23 04:06 - 2014-01-29 02:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-01-23 04:06 - 2013-07-12 10:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2017-01-23 04:06 - 2013-07-12 10:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2017-01-23 04:06 - 2012-10-03 16:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2017-01-23 04:06 - 2012-10-03 16:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2017-01-23 04:06 - 2011-03-11 05:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2017-01-23 04:06 - 2011-03-11 05:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2017-01-23 04:05 - 2013-06-25 22:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2017-01-23 04:05 - 2012-11-28 22:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2017-01-23 04:05 - 2012-11-28 22:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2017-01-23 04:05 - 2012-11-28 22:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_I nbox_Critical.Wdf
2017-01-23 03:33 - 2016-04-09 06:59 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-01-23 03:33 - 2016-04-09 06:59 - 00218856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-01-23 03:33 - 2016-04-09 06:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-01-23 03:33 - 2013-12-04 02:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2017-01-23 03:33 - 2013-12-04 02:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2017-01-23 03:33 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2017-01-23 03:33 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2017-01-23 03:33 - 2013-12-04 02:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2017-01-23 03:33 - 2013-12-04 01:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2017-01-23 03:33 - 2013-12-04 01:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2017-01-23 03:33 - 2013-12-04 01:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2017-01-23 03:33 - 2013-12-04 01:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2017-01-23 03:32 - 2015-04-24 17:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-01-23 03:32 - 2014-12-08 02:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2017-01-23 03:31 - 2014-10-14 01:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2017-01-23 03:28 - 2016-01-11 18:54 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-01-23 02:08 - 2012-02-17 05:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-01-23 02:08 - 2012-02-17 04:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2017-01-23 00:59 - 2017-01-23 00:59 - 01170452 _____ C:\Users\Ben\AppData\Local\census.cache
2017-01-23 00:27 - 2017-01-23 00:27 - 01960481 _____ C:\Users\Ben\AppData\Local\ars.cache
2017-01-22 23:17 - 2017-01-25 18:55 - 00013312 ___SH C:\Users\Ben\Desktop\Thumbs.db
2017-01-22 21:02 - 2017-01-26 02:11 - 00000010 _____ C:\Users\Ben\AppData\Local\sponge.last.runtime.cac he
2017-01-22 20:45 - 2017-01-22 20:45 - 00000036 _____ C:\Users\Ben\AppData\Local\housecall.guid.cache
2017-01-22 20:45 - 2016-08-22 19:20 - 00323808 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2017-01-22 17:40 - 2017-01-25 18:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-01-22 17:40 - 2017-01-24 16:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-01-22 17:40 - 2017-01-22 17:40 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-22 17:20 - 2017-01-22 17:20 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-22 17:20 - 2017-01-22 17:19 - 00118664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-01-22 17:20 - 2017-01-22 17:19 - 00091232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-01-22 17:19 - 2017-01-20 14:15 - 00319760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-01-22 16:54 - 2017-01-26 19:10 - 00000000 ____D C:\Windows\system32\appmgmt
2017-01-22 12:37 - 2017-01-22 12:37 - 00014736 _____ C:\Windows\system32\results.xml
2017-01-22 12:30 - 2017-01-22 12:30 - 08194584 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe
2017-01-22 12:30 - 2017-01-22 12:30 - 06042112 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 05946368 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2017-01-22 12:30 - 2017-01-22 12:30 - 05702656 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 03839488 _____ (Intel Corporation) C:\Windows\system32\ig4dev32.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 01921265 _____ C:\Windows\system32\iglhxa32.cpa
2017-01-22 12:30 - 2017-01-22 12:30 - 00982220 _____ C:\Windows\system32\igkrng500.bin
2017-01-22 12:30 - 2017-01-22 12:30 - 00672792 _____ (Intel Corporation) C:\Windows\system32\igfxcfg.exe
2017-01-22 12:30 - 2017-01-22 12:30 - 00549888 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 00439300 _____ C:\Windows\system32\igcompkrng500.bin
2017-01-22 12:30 - 2017-01-22 12:30 - 00310784 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00304640 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00303616 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00303616 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00303104 _____ (Intel Corporation) C:\Windows\system32\igfxresp.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00299520 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00294912 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00291328 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00289280 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00288256 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00287744 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00281088 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00280576 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00280064 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00277504 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00275968 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00262656 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00257536 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 00252952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2017-01-22 12:30 - 2017-01-22 12:30 - 00252416 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00249856 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00217088 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 00206848 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00205312 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00199680 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 00179712 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00178176 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2017-01-22 12:30 - 2017-01-22 12:30 - 00174104 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2017-01-22 12:30 - 2017-01-22 12:30 - 00173080 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2017-01-22 12:30 - 2017-01-22 12:30 - 00155648 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v1872.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 00151064 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2017-01-22 12:30 - 2017-01-22 12:30 - 00141848 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2017-01-22 12:30 - 2017-01-22 12:30 - 00134592 _____ C:\Windows\system32\igfcg500.bin
2017-01-22 12:30 - 2017-01-22 12:30 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 00119296 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2017-01-22 12:30 - 2017-01-22 12:30 - 00094720 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 00092216 _____ C:\Windows\system32\igfcg500m.bin
2017-01-22 12:30 - 2017-01-22 12:30 - 00059484 _____ C:\Windows\system32\iglhxc32.vp
2017-01-22 12:30 - 2017-01-22 12:30 - 00059392 _____ (Intel Corporation) C:\Windows\system32\oemdspif.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 00059315 _____ C:\Windows\system32\iglhxo32.vp
2017-01-22 12:30 - 2017-01-22 12:30 - 00058840 _____ C:\Windows\system32\iglhxg32.vp
2017-01-22 12:30 - 2017-01-22 12:30 - 00051712 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 00045004 _____ C:\Windows\system32\iglhxs32.vp
2017-01-22 12:30 - 2017-01-22 12:30 - 00023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2017-01-22 12:30 - 2017-01-22 12:30 - 00001090 _____ C:\Windows\system32\iglhxa32.vp
2017-01-22 12:26 - 2017-01-22 12:26 - 00001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2017-01-22 11:38 - 2017-01-22 11:38 - 00001413 _____ C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Internet Explorer.lnk
2017-01-22 11:36 - 2017-01-22 11:36 - 00000020 ___SH C:\Users\Ben\ntuser.ini
2017-01-22 08:41 - 2017-01-22 11:36 - 00000000 ____D C:\Windows\Panther
2017-01-22 08:39 - 2017-01-22 08:39 - 00262144 _____ C:\Windows\system32\config\userdiff
2017-01-22 08:22 - 2017-01-22 03:24 - 00000000 ___HD C:\$WINDOWS.~Q
2017-01-22 08:07 - 2017-01-22 08:17 - 00000000 ___HD C:\$INPLACE.~TR
2017-01-22 01:52 - 2017-01-22 01:52 - 00021316 _____ C:\Windows\system32\emptyregdb.dat
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default\Documents\My Google Gadgets
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Google Desktop
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default\AppData\LocalLow\Sun
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default\AppData\Local\Adobe
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default User\Documents\My Google Gadgets
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Desktop
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default User\AppData\LocalLow\Sun
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2017-01-22 01:40 - 2017-01-22 01:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Adobe
2017-01-22 00:49 - 2017-01-22 11:36 - 00000000 ____D C:\Users\Ben
2017-01-22 00:49 - 2017-01-22 00:49 - 00000000 _SHDL C:\Users\Ben\My Documents
2017-01-22 00:49 - 2017-01-22 00:49 - 00000000 _SHDL C:\Users\Ben\Documents\My Videos
2017-01-22 00:49 - 2017-01-22 00:49 - 00000000 _SHDL C:\Users\Ben\Documents\My Pictures
2017-01-22 00:49 - 2017-01-22 00:49 - 00000000 _SHDL C:\Users\Ben\Documents\My Music
2017-01-22 00:49 - 2010-11-21 00:46 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Media Center Programs
2017-01-22 00:48 - 2017-01-22 00:48 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-01-22 00:48 - 2017-01-22 00:48 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-01-22 00:47 - 2017-01-27 22:55 - 00039408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-22 00:47 - 2017-01-27 22:55 - 00039408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-22 00:46 - 2017-01-22 00:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_ 00.Wdf
2017-01-22 00:46 - 2017-01-22 00:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_0100 0.Wdf
2017-01-22 00:46 - 2017-01-22 00:46 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-01-22 00:46 - 2017-01-22 00:46 - 00000000 ____D C:\Windows\system32\RTCOM
2017-01-22 00:46 - 2017-01-22 00:46 - 00000000 ____D C:\Program Files\Synaptics
2017-01-22 00:46 - 2017-01-22 00:46 - 00000000 ____D C:\Program Files\Realtek
2017-01-22 00:46 - 2017-01-22 00:46 - 00000000 ____D C:\Program Files\CONEXANT
2017-01-21 01:17 - 2017-01-21 22:28 - 00001890 _____ C:\Windows\diagwrn.xml
2017-01-21 01:17 - 2017-01-21 22:28 - 00001890 _____ C:\Windows\diagerr.xml
2017-01-20 14:50 - 2017-01-22 00:53 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-01-20 14:20 - 2017-01-22 01:25 - 00000000 ____D C:\Users\Ben\AppData\Local\CEF
2017-01-20 14:17 - 2017-01-22 01:31 - 00000000 ____D C:\Users\Ben\AppData\Roaming\AVAST Software
2017-01-20 14:16 - 2017-01-22 17:20 - 00002075 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-01-20 14:16 - 2017-01-22 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-01-20 14:16 - 2017-01-20 14:16 - 00735488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-01-20 14:16 - 2017-01-20 14:16 - 00433768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-01-20 14:16 - 2017-01-20 14:16 - 00224752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-01-20 14:16 - 2017-01-20 14:15 - 00184592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2017-01-20 14:16 - 2017-01-20 14:15 - 00092256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-01-20 14:16 - 2017-01-20 14:15 - 00064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2017-01-20 14:16 - 2017-01-20 14:15 - 00060424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-01-20 14:16 - 2017-01-20 14:15 - 00034008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-01-20 14:15 - 2017-01-20 14:15 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2017-01-20 14:15 - 2017-01-20 14:15 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2017-01-20 14:14 - 2017-01-22 00:52 - 00000000 ____D C:\Program Files\AVAST Software
2017-01-19 22:28 - 2017-01-19 22:28 - 00000000 __SHD C:\found.003
2017-01-19 21:39 - 2017-01-22 00:59 - 00000000 ____D C:\ProgramData\CAT
2017-01-18 21:22 - 2017-01-22 00:52 - 00000000 ____D C:\Program Files\Common Files\Java
2017-01-16 21:14 - 2017-01-20 13:59 - 00000000 ____D C:\Program Files\Avira
2017-01-15 00:52 - 2017-01-26 16:21 - 00000000 ____D C:\CAT-Logs
2017-01-13 23:16 - 2017-01-26 11:38 - 00000000 ____D C:\Program Files\RogueKiller
2017-01-13 12:37 - 2017-01-27 23:14 - 00000000 ____D C:\FRST
2017-01-12 00:11 - 2017-01-22 01:03 - 00000000 ____D C:\Windows\system32\catroot2(31888)
2017-01-11 20:20 - 2017-01-11 20:20 - 00000000 ____D C:\1276602e8b1dd97d76f25f
2017-01-11 20:17 - 2017-01-11 20:17 - 00000000 ____D C:\b19a0f84348ec7312936
2017-01-10 19:28 - 2017-01-22 00:59 - 00000000 ____D C:\ProgramData\Avira

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-27 22:37 - 2012-04-23 12:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-27 22:33 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-26 18:53 - 2011-08-25 20:37 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Apple Computer
2017-01-26 18:53 - 2011-08-25 20:37 - 00000000 ____D C:\Users\Ben\AppData\Local\Apple Computer
2017-01-26 16:01 - 2012-05-12 16:06 - 00000000 ____D C:\Users\Ben\Documents\Our Information
2017-01-26 15:16 - 2011-08-13 14:35 - 00000000 ___RD C:\Users\Ben\Desktop\Shortcuts
2017-01-26 15:13 - 2011-08-25 20:29 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-01-26 15:11 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\inf
2017-01-26 15:05 - 2016-11-19 00:26 - 00000000 ____D C:\Users\Ben\AppData\LocalLow\Mozilla
2017-01-26 15:02 - 2012-06-26 22:18 - 00000000 ____D C:\Users\Ben\AppData\Roaming\vlc
2017-01-26 14:52 - 2013-09-13 12:21 - 00000000 ____D C:\Users\Ben\AppData\Local\Windows Live
2017-01-26 14:35 - 2009-07-14 02:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-26 11:43 - 2014-11-19 16:27 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-01-26 01:58 - 2011-11-05 21:44 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2017-01-25 22:48 - 2014-11-23 12:44 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-25 19:55 - 2008-10-22 21:55 - 00000000 ____D C:\Program Files\Google
2017-01-25 18:43 - 2010-11-21 00:46 - 00000000 ____D C:\Windows\RemotePackages
2017-01-25 14:58 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\AppCompat
2017-01-24 16:52 - 2009-07-14 04:33 - 00427192 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-24 15:33 - 2011-08-25 19:44 - 00000000 ____D C:\Users\Ben\Documents\Jemma
2017-01-24 08:26 - 2010-11-20 21:01 - 00835388 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-24 07:50 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\Dism
2017-01-24 07:50 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-01-24 07:38 - 2013-08-14 07:12 - 00000000 ____D C:\Windows\system32\MRT
2017-01-24 07:07 - 2012-04-07 19:24 - 00116288 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2017-01-24 04:41 - 2010-11-21 00:46 - 00000000 ____D C:\Windows\ShellNew
2017-01-24 04:41 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\tracing
2017-01-24 04:41 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2017-01-24 04:41 - 2009-07-14 02:37 - 00000000 ____D C:\Program Files\Common Files\System
2017-01-24 00:21 - 2009-07-14 04:52 - 00000000 ____D C:\Program Files\Windows Defender
2017-01-24 00:17 - 2012-06-13 19:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-01-23 13:40 - 2012-06-13 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-01-23 07:59 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\rescache
2017-01-23 07:49 - 2012-04-05 17:30 - 00000000 ____D C:\Users\Ben\AppData\Local\ElevatedDiagnostics
2017-01-22 18:52 - 2016-01-30 16:52 - 00000000 ____D C:\Users\Ben\AppData\Local\Mozilla
2017-01-22 17:46 - 2012-06-03 12:17 - 00000000 ____D C:\Users\Ben\Documents\WebCam Media
2017-01-22 17:46 - 2012-01-24 16:12 - 00000000 ____D C:\Users\Ben\Documents\Receipts
2017-01-22 17:46 - 2011-08-25 19:44 - 00000000 ____D C:\Users\Ben\Documents\My Scans
2017-01-22 12:44 - 2011-08-16 06:36 - 00000000 ____D C:\Update
2017-01-22 12:30 - 2009-07-13 22:09 - 04233728 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
2017-01-22 12:30 - 2009-07-13 22:09 - 03646976 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll
2017-01-22 12:30 - 2008-10-22 20:16 - 01002008 _____ (Intel Corporation) C:\Windows\system32\igxpun.exe
2017-01-22 12:25 - 2008-10-22 21:55 - 00000000 ____D C:\ProgramData\Sony Corporation
2017-01-22 12:22 - 2008-10-22 18:43 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-01-22 12:22 - 2008-10-22 17:57 - 00000000 ____D C:\Program Files\sony
2017-01-22 12:11 - 2015-11-23 19:56 - 00000000 ____D C:\Users\Ben\Documents\Kingsland School newsletters
2017-01-22 11:43 - 2009-07-14 02:37 - 00000000 __RHD C:\Users\Public\Libraries
2017-01-22 08:41 - 2009-07-14 04:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2017-01-22 08:41 - 2008-10-22 18:37 - 00008192 __RSH C:\BOOTSECT.BAK
2017-01-22 03:45 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\oobe
2017-01-22 01:53 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\Registration
2017-01-22 01:48 - 2009-07-14 02:37 - 00000000 __RSD C:\Windows\Media
2017-01-22 01:46 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\Globalization
2017-01-22 01:41 - 2009-07-14 04:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-01-22 01:34 - 2012-07-13 20:19 - 00000000 ____D C:\Users\Ben\MSYNC
2017-01-22 01:34 - 2012-07-06 12:13 - 00000000 ____D C:\Users\Ben\Documents\SelfMV
2017-01-22 01:34 - 2011-12-29 16:57 - 00000000 ____D C:\Users\Ben\Documents\WebCam Albums
2017-01-22 01:34 - 2011-08-25 21:46 - 00000000 ____D C:\Users\Ben\Documents\Share's Documents
2017-01-22 01:33 - 2016-08-25 22:44 - 00000000 ____D C:\Users\Ben\AppData\Roaming\SyncTunesDesktop
2017-01-22 01:33 - 2016-02-13 19:28 - 00000000 ____D C:\Users\Ben\Documents\FIFA Problems
2017-01-22 01:33 - 2016-02-11 16:07 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Sun
2017-01-22 01:33 - 2015-11-10 17:53 - 00000000 ____D C:\Users\Ben\Desktop\Picture Ideas
2017-01-22 01:33 - 2015-09-04 11:44 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Wondershare
2017-01-22 01:33 - 2013-12-02 11:55 - 00000000 ___RD C:\Users\Ben\Documents\Notes
2017-01-22 01:33 - 2013-01-02 22:36 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Wise Disk Cleaner
2017-01-22 01:33 - 2012-08-12 18:23 - 00000000 ____D C:\Users\Ben\Documents\Outlook Files
2017-01-22 01:33 - 2012-07-22 23:40 - 00000000 ____D C:\Users\Ben\Documents\JRT Studio
2017-01-22 01:33 - 2012-06-12 21:20 - 00000000 ____D C:\Users\Ben\Documents\samsung
2017-01-22 01:33 - 2012-06-12 21:20 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Samsung
2017-01-22 01:33 - 2012-06-04 21:59 - 00000000 ____D C:\Users\Ben\Documents\Picture Motion Browser
2017-01-22 01:33 - 2011-08-25 19:50 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Skype
2017-01-22 01:33 - 2011-08-25 19:44 - 00000000 ____D C:\Users\Ben\Documents\InterVideo
2017-01-22 01:33 - 2011-08-25 19:44 - 00000000 ____D C:\Users\Ben\Documents\Ben
2017-01-22 01:33 - 2011-08-25 19:32 - 00000000 ____D C:\Users\Ben\Documents\OneNote Notebooks
2017-01-22 01:33 - 2011-08-13 14:03 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Sony Corporation
2017-01-22 01:33 - 2011-08-13 13:57 - 00000000 ____D C:\Users\Ben\Documents\My Google Gadgets
2017-01-22 01:32 - 2016-02-16 18:49 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Media Mushroom Limited
2017-01-22 01:32 - 2016-01-30 16:52 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Mozilla
2017-01-22 01:32 - 2015-05-24 12:32 - 00000000 ____D C:\Users\Ben\AppData\Roaming\PortForward.com
2017-01-22 01:32 - 2012-11-02 18:13 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Roxio
2017-01-22 01:32 - 2011-08-13 13:57 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Google Desktop
2017-01-22 01:31 - 2016-11-20 20:05 - 00000000 ____D C:\Users\Ben\AppData\Local\NETGEARGenie
2017-01-22 01:31 - 2015-09-02 23:13 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Jihosoft Android Phone Recovery
2017-01-22 01:31 - 2015-08-31 20:57 - 00000000 ____D C:\Users\Ben\AppData\Local\Rellik_Software
2017-01-22 01:31 - 2015-08-02 19:10 - 00000000 ____D C:\Users\Ben\AppData\Local\TomTom
2017-01-22 01:31 - 2015-06-23 20:38 - 00000000 ____D C:\Users\Ben\AppData\Local\Wondershare
2017-01-22 01:31 - 2015-04-10 19:32 - 00000000 ____D C:\Users\Ben\AppData\Local\MPlayer
2017-01-22 01:31 - 2014-08-25 13:34 - 00000000 ____D C:\Users\Ben\AppData\LocalLow\Oracle
2017-01-22 01:31 - 2013-07-23 20:04 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Downloaded Installations
2017-01-22 01:31 - 2012-11-02 18:53 - 00000000 ____D C:\Users\Ben\AppData\Roaming\dvdcss
2017-01-22 01:31 - 2012-07-22 23:40 - 00000000 ____D C:\Users\Ben\AppData\Roaming\JRT Studio
2017-01-22 01:31 - 2012-04-20 23:27 - 00000000 ____D C:\Users\Ben\AppData\Roaming\HpUpdate
2017-01-22 01:31 - 2011-12-24 11:35 - 00000000 ____D C:\Users\Ben\AppData\LocalLow\Google
2017-01-22 01:31 - 2011-10-06 18:39 - 00000000 ____D C:\Users\Ben\AppData\Roaming\gtk-2.0
2017-01-22 01:31 - 2011-08-25 20:22 - 00000000 ____D C:\Users\Ben\AppData\LocalLow\Apple Computer
2017-01-22 01:31 - 2011-08-25 19:56 - 00000000 ____D C:\Users\Ben\AppData\Roaming\ArcSoft
2017-01-22 01:31 - 2011-08-24 23:22 - 00000000 ____D C:\Users\Ben\AppData\Roaming\HP
2017-01-22 01:31 - 2011-08-17 18:19 - 00000000 ____D C:\Users\Ben\AppData\LocalLow\Adobe
2017-01-22 01:31 - 2011-08-17 16:42 - 00000000 ____D C:\Users\Ben\AppData\Roaming\InstallShield
2017-01-22 01:31 - 2011-08-13 14:44 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Google
2017-01-22 01:31 - 2011-08-13 14:03 - 00000000 ____D C:\Users\Ben\AppData\Local\Sony_Corporation
2017-01-22 01:31 - 2011-08-13 13:57 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Macromedia
2017-01-22 01:31 - 2011-08-13 13:57 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Adobe
2017-01-22 01:31 - 2011-08-13 13:57 - 00000000 ____D C:\Users\Ben\AppData\LocalLow\Sun
2017-01-22 01:31 - 2011-08-13 13:57 - 00000000 ____D C:\Users\Ben\AppData\Local\VirtualStore
2017-01-22 01:26 - 2016-10-27 18:28 - 00000000 ____D C:\Users\Ben\AppData\Local\LeapFrogConnect
2017-01-22 01:26 - 2016-01-30 17:10 - 00000000 ____D C:\Users\Ben\AppData\Local\Macromedia
2017-01-22 01:26 - 2015-03-06 15:19 - 00000000 ____D C:\Users\Ben\AppData\Local\Microsoft Corporation
2017-01-22 01:26 - 2013-03-21 22:25 - 00000000 ____D C:\Users\Ben\AppData\Local\gtk-2.0
2017-01-22 01:26 - 2012-11-22 11:11 - 00000000 ____D C:\Users\Ben\AppData\Local\Microsoft Games
2017-01-22 01:26 - 2011-08-25 16:59 - 00000000 ____D C:\Users\Ben\AppData\Local\Microsoft Help
2017-01-22 01:26 - 2011-08-13 13:57 - 00000000 ____D C:\Users\Ben\AppData\Local\Google
2017-01-22 01:25 - 2016-06-30 12:13 - 00000000 ____D C:\Users\Ben\.android
2017-01-22 01:25 - 2016-02-18 16:28 - 00000000 ____D C:\Users\Ben\.oracle_jre_usage
2017-01-22 01:25 - 2015-04-10 19:35 - 00000000 ____D C:\Users\Ben\.smplayer
2017-01-22 01:25 - 2014-12-02 15:06 - 00000000 ____D C:\Users\Ben\AppData\Local\CrashDumps
2017-01-22 01:25 - 2012-07-22 22:51 - 00000000 ____D C:\Users\Ben\AppData\Local\doubleTwist Corporation
2017-01-22 01:25 - 2011-10-31 15:56 - 00000000 ____D C:\Users\Ben\AppData\Local\Citrix
2017-01-22 01:25 - 2011-10-31 15:55 - 00000000 ____D C:\Users\Ben\AppData\Local\Apps\2.0
2017-01-22 01:25 - 2011-09-09 17:16 - 00000000 ____D C:\Users\Ben\AppData\Local\Downloaded Installations
2017-01-22 01:25 - 2011-08-25 20:31 - 00000000 ____D C:\Users\Ben\AppData\Local\Apple
2017-01-22 01:25 - 2011-08-13 13:57 - 00000000 ____D C:\Users\Ben\AppData\Local\Adobe
2017-01-22 01:03 - 2013-09-25 12:07 - 00000000 ____D C:\Windows\Sun
2017-01-22 01:03 - 2013-07-23 20:05 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2017-01-22 01:03 - 2013-07-09 22:35 - 00000000 __SHD C:\Windows\system32\%APPDATA%
2017-01-22 01:03 - 2012-06-12 21:22 - 00000000 ____D C:\Windows\system32\System32
2017-01-22 01:03 - 2012-04-23 07:00 - 00000000 ____D C:\Windows\system32\Adobe
2017-01-22 01:03 - 2011-08-14 13:34 - 00000000 ____D C:\Windows\system32\EventProviders
2017-01-22 01:03 - 2011-08-13 20:51 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-22 01:03 - 2010-11-21 00:38 - 00000000 ____D C:\Windows\system32\WCN
2017-01-22 01:03 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\sysprep
2017-01-22 01:03 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\NDF
2017-01-22 01:03 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\lv-LV
2017-01-22 01:03 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\lt-LT
2017-01-22 01:03 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\et-EE
2017-01-22 01:03 - 2008-10-22 20:16 - 00000000 ____D C:\Windows\system32\Lang
2017-01-22 01:03 - 2008-10-22 18:46 - 00000000 ____D C:\Windows\system32\sda
2017-01-22 01:03 - 2006-11-02 12:42 - 00000000 ____D C:\Windows\WindowsMobile
2017-01-22 01:03 - 2006-11-02 12:42 - 00000000 ____D C:\Windows\system32\Branding
2017-01-22 01:03 - 2006-11-02 12:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2017-01-22 01:03 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\system32\RemInst
2017-01-22 01:02 - 2012-04-20 23:23 - 00000000 ____D C:\Windows\Hewlett-Packard
2017-01-22 01:02 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\ModemLogs
2017-01-22 01:02 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\Help
2017-01-22 01:02 - 2008-10-22 18:36 - 00000000 ____D C:\Windows\OEMCert
2017-01-22 01:02 - 2008-10-22 17:56 - 00000000 ____D C:\Windows\InstDrvs
2017-01-22 01:02 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\nap
2017-01-22 01:01 - 2016-10-27 18:27 - 00000000 ____D C:\Windows\8A0C34E501A6476B87F3321ABAA3948D.TMP
2017-01-22 01:01 - 2016-06-30 13:29 - 00000000 ____D C:\ProgramData\wsr
2017-01-22 01:01 - 2016-02-22 12:10 - 00000000 ____D C:\ProgramData\Trend Micro
2017-01-22 01:01 - 2015-09-06 18:30 - 00000000 ____D C:\ProgramData\UniqueId
2017-01-22 01:01 - 2015-09-04 11:44 - 00000000 ____D C:\ProgramData\Wondershare
2017-01-22 01:01 - 2012-12-09 15:16 - 00000000 ____D C:\Users\Public\Documents\LeapFrog
2017-01-22 01:01 - 2012-04-07 18:50 - 00000000 ____D C:\Windows\ERDNT
2017-01-22 01:01 - 2011-09-02 23:09 - 00000000 ____D C:\ProgramData\Sun
2017-01-22 01:01 - 2011-08-26 21:49 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-01-22 01:01 - 2011-08-26 08:32 - 00000000 ____D C:\ProgramData\WindowsSearch
2017-01-22 01:01 - 2011-08-25 20:35 - 00000000 ____D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2017-01-22 01:01 - 2011-08-24 23:31 - 00000000 ____D C:\ProgramData\WEBREG
2017-01-22 01:01 - 2011-08-13 21:19 - 00000000 ____D C:\ProgramData\Uninstall
2017-01-22 01:01 - 2011-08-13 21:19 - 00000000 ____D C:\ProgramData\Sonic
2017-01-22 01:01 - 2011-08-13 21:19 - 00000000 ____D C:\ProgramData\Skype
2017-01-22 01:01 - 2010-11-21 00:46 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-01-22 01:00 - 2016-06-30 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2017-01-22 01:00 - 2016-04-16 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter
2017-01-22 01:00 - 2016-03-26 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2017-01-22 01:00 - 2016-03-17 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-01-22 01:00 - 2016-02-16 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Phone Sync
2017-01-22 01:00 - 2016-01-08 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-01-22 01:00 - 2015-09-23 16:04 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-22 01:00 - 2015-04-10 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
2017-01-22 01:00 - 2014-11-23 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-01-22 01:00 - 2014-11-19 16:27 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-22 01:00 - 2014-11-16 12:27 - 00000000 ____D C:\ProgramData\Licenses
2017-01-22 01:00 - 2014-08-25 13:33 - 00000000 ____D C:\ProgramData\Oracle
2017-01-22 01:00 - 2014-08-09 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-22 01:00 - 2014-07-26 11:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-22 01:00 - 2013-10-17 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-01-22 01:00 - 2013-03-19 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-01-22 01:00 - 2012-12-09 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LeapFrog Connect
2017-01-22 01:00 - 2012-10-20 16:49 - 00000000 ____D C:\ProgramData\McAfee
2017-01-22 01:00 - 2012-06-26 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
2017-01-22 01:00 - 2012-06-12 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-01-22 01:00 - 2012-06-12 21:11 - 00000000 ____D C:\ProgramData\Samsung
2017-01-22 01:00 - 2011-11-05 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-01-22 01:00 - 2011-10-20 19:52 - 00000000 ____D C:\ProgramData\Motive
2017-01-22 01:00 - 2011-08-25 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2017-01-22 01:00 - 2011-08-24 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
Reply With Quote
  #12  
Old January 28th, 2017, 12:30 AM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
2017-01-22 01:00 - 2011-08-13 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterVideo WinDVD
2017-01-22 01:00 - 2011-08-13 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 2
2017-01-22 01:00 - 2011-08-13 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
2017-01-22 01:00 - 2011-08-13 21:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-01-22 01:00 - 2011-08-13 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Magic-i Visual Effects 2
2017-01-22 01:00 - 2011-08-13 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
2017-01-22 01:00 - 2011-08-13 20:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Video & Photo Suite
2017-01-22 01:00 - 2011-08-13 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Picture Utility
2017-01-22 01:00 - 2011-08-13 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Big Fish Games Game Suite
2017-01-22 01:00 - 2011-08-13 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Recovery Center
2017-01-22 01:00 - 2008-10-22 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2017-01-22 00:59 - 2016-08-26 20:58 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2017-01-22 00:59 - 2016-06-30 12:09 - 00000000 ____D C:\Program Files\Wondershare
2017-01-22 00:59 - 2014-11-16 02:15 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2017-01-22 00:59 - 2014-09-30 18:15 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2017-01-22 00:59 - 2013-07-21 21:26 - 00000000 ____D C:\Program Files\Tweaking.com
2017-01-22 00:59 - 2013-03-19 17:28 - 00000000 ____D C:\Program Files\WinPcap
2017-01-22 00:59 - 2013-03-19 17:27 - 00000000 ____D C:\Program Files\Wireshark
2017-01-22 00:59 - 2013-02-16 19:58 - 00000000 ____D C:\ProgramData\InstallMate
2017-01-22 00:59 - 2012-12-09 14:10 - 00000000 ____D C:\ProgramData\Leapfrog
2017-01-22 00:59 - 2012-09-21 19:43 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1(40)
2017-01-22 00:59 - 2012-06-26 22:17 - 00000000 ____D C:\Program Files\VideoLAN
2017-01-22 00:59 - 2012-04-20 23:30 - 00000000 ____D C:\ProgramData\HP Product Assistant
2017-01-22 00:59 - 2011-08-25 20:32 - 00000000 ____D C:\ProgramData\Apple Computer
2017-01-22 00:59 - 2011-08-25 20:29 - 00000000 ____D C:\ProgramData\Apple
2017-01-22 00:59 - 2011-08-25 19:56 - 00000000 ____D C:\ProgramData\ArcSoft
2017-01-22 00:59 - 2011-08-24 22:53 - 00000000 ____D C:\ProgramData\HP
2017-01-22 00:59 - 2011-08-17 18:59 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-22 00:59 - 2011-08-13 20:53 - 00000000 ____D C:\ProgramData\Google
2017-01-22 00:59 - 2008-10-22 21:54 - 00000000 ____D C:\ProgramData\Adobe
2017-01-22 00:59 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2017-01-22 00:59 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2017-01-22 00:59 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Calendar
2017-01-22 00:58 - 2016-03-17 18:35 - 00000000 ___RD C:\Program Files\Skype
2017-01-22 00:58 - 2015-09-04 15:31 - 00000000 ____D C:\Program Files\Recuva
2017-01-22 00:58 - 2015-04-10 19:28 - 00000000 ____D C:\Program Files\SMPlayer
2017-01-22 00:58 - 2012-06-18 21:15 - 00000000 ____D C:\Program Files\Safari
2017-01-22 00:58 - 2012-06-12 21:11 - 00000000 ____D C:\Program Files\Samsung
2017-01-22 00:58 - 2012-05-21 19:18 - 00000000 ____D C:\Program Files\QuickTime
2017-01-22 00:58 - 2012-04-20 23:04 - 00000000 ____D C:\Program Files\Secunia
2017-01-22 00:58 - 2011-08-13 21:18 - 00000000 ____D C:\Program Files\Roxio
2017-01-22 00:57 - 2016-04-16 18:30 - 00000000 ____D C:\Program Files\PingPlotter
2017-01-22 00:57 - 2011-11-05 21:45 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2017-01-22 00:57 - 2011-11-05 21:44 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2017-01-22 00:57 - 2011-08-25 16:59 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2017-01-22 00:57 - 2011-08-13 21:12 - 00000000 ____D C:\Program Files\Microsoft Office Suite Activation Assistant
2017-01-22 00:57 - 2011-08-13 21:10 - 00000000 ____D C:\Program Files\Microsoft Small Business
2017-01-22 00:57 - 2011-08-13 21:07 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2017-01-22 00:57 - 2011-08-13 21:03 - 00000000 ____D C:\Program Files\Microsoft Works
2017-01-22 00:57 - 2011-08-13 21:03 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2017-01-22 00:57 - 2011-08-13 21:01 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-22 00:57 - 2011-08-13 15:45 - 00000000 ____D C:\Program Files\MSXML 4.0
2017-01-22 00:57 - 2009-07-14 04:52 - 00000000 ____D C:\Program Files\MSBuild
2017-01-22 00:56 - 2011-08-25 19:02 - 00000000 ____D C:\Program Files\Microsoft Expression
2017-01-22 00:56 - 2009-07-14 04:52 - 00000000 ____D C:\Program Files\Microsoft Games
2017-01-22 00:54 - 2016-02-16 18:51 - 00000000 ____D C:\Program Files\Media Mushroom Limited
2017-01-22 00:54 - 2014-11-23 12:44 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2017-01-22 00:54 - 2012-12-09 14:10 - 00000000 ____D C:\Program Files\LeapFrog
2017-01-22 00:54 - 2012-06-12 21:13 - 00000000 ____D C:\Program Files\MarkAny
2017-01-22 00:54 - 2012-04-09 11:50 - 00000000 ____D C:\Program Files\iTunes(266)
2017-01-22 00:54 - 2012-04-09 11:50 - 00000000 ____D C:\Program Files\iPod(265)
2017-01-22 00:54 - 2011-11-05 21:34 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2017-01-22 00:54 - 2008-10-22 21:55 - 00000000 ____D C:\Program Files\Java
2017-01-22 00:53 - 2016-03-26 19:10 - 00000000 ____D C:\Program Files\FileASSASSIN
2017-01-22 00:53 - 2015-09-04 11:44 - 00000000 ___HD C:\Program Files\DrFoneAndroid_Temp
2017-01-22 00:53 - 2015-06-23 20:38 - 00000000 ____D C:\Program Files\Common Files\Wondershare
2017-01-22 00:53 - 2013-09-13 12:21 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2017-01-22 00:53 - 2012-12-09 14:13 - 00000000 ____D C:\Program Files\DIFX
2017-01-22 00:53 - 2011-10-20 18:18 - 00000000 ____D C:\Program Files\Common Files\Motive
2017-01-22 00:53 - 2011-08-24 22:54 - 00000000 ____D C:\Program Files\HP
2017-01-22 00:53 - 2011-08-13 21:29 - 00000000 ____D C:\Program Files\InterVideo
2017-01-22 00:53 - 2011-08-13 21:18 - 00000000 ____D C:\Program Files\Common Files\Roxio Shared
2017-01-22 00:53 - 2011-08-13 20:47 - 00000000 ____D C:\Program Files\Common Files\PX Storage Engine
2017-01-22 00:53 - 2008-10-22 21:52 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2017-01-22 00:53 - 2008-10-22 18:39 - 00000000 ____D C:\Program Files\Intel
2017-01-22 00:52 - 2015-06-23 23:53 - 00000000 ____D C:\Program Files\CodeMeter
2017-01-22 00:52 - 2014-05-14 23:07 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-01-22 00:52 - 2012-09-21 19:24 - 00000000 ____D C:\Program Files\Bonjour(13)
2017-01-22 00:52 - 2012-05-17 19:55 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-01-22 00:52 - 2011-09-02 22:50 - 00000000 ____D C:\Program Files\BUFFALO
2017-01-22 00:52 - 2011-08-24 23:00 - 00000000 ____D C:\Program Files\Common Files\HP
2017-01-22 00:52 - 2011-08-24 23:00 - 00000000 ____D C:\Program Files\Common Files\Hewlett-Packard
2017-01-22 00:52 - 2011-08-13 21:31 - 00000000 ____D C:\Program Files\Common Files\InterVideo
2017-01-22 00:52 - 2011-08-13 20:53 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2017-01-22 00:52 - 2011-08-13 20:53 - 00000000 ____D C:\Program Files\ArcSoft
2017-01-22 00:52 - 2011-08-13 20:46 - 00000000 ____D C:\Program Files\Big Fish Games Game Suite
2017-01-22 00:52 - 2008-10-22 21:54 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2017-01-22 00:52 - 2008-10-22 18:42 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2017-01-22 00:52 - 2008-10-22 18:29 - 00000000 ____D C:\Program Files\ATI
2017-01-22 00:51 - 2013-01-17 13:57 - 00000000 ____D C:\Program Files\Alwil Software
2017-01-22 00:51 - 2012-09-21 19:23 - 00000000 ____D C:\Program Files\Apple Software Update(7)
2017-01-22 00:51 - 2008-10-22 21:54 - 00000000 ____D C:\Program Files\Adobe
2017-01-22 00:48 - 2009-07-14 04:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-01-22 00:44 - 2010-11-21 00:46 - 00000000 ____D C:\Windows\CSC
2017-01-21 23:57 - 2006-11-02 12:47 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-21 23:57 - 2006-11-02 12:47 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-21 13:06 - 2011-09-28 10:18 - 00000012 _____ C:\Windows\bthservsdp.dat
2017-01-20 16:04 - 2012-04-23 12:20 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-01-20 16:04 - 2012-04-23 12:20 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-01-18 21:21 - 2014-08-09 13:07 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2017-01-17 19:34 - 2016-03-17 18:35 - 00002337 _____ C:\Users\Public\Desktop\Skype.lnk
2017-01-16 19:57 - 2014-11-22 18:46 - 00001945 _____ C:\Windows\epplauncher.mif
2017-01-16 19:55 - 2015-09-23 16:13 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Kodi
2017-01-15 23:07 - 2015-02-11 19:16 - 00000000 ____D C:\8da4179559317350f55677f6effa
2017-01-15 23:07 - 2012-07-11 07:13 - 00000000 ____D C:\c39d32682c6894ec43c45c3b
2017-01-15 23:07 - 2011-08-26 21:19 - 00000000 ____D C:\Netgear

==================== Files in the root of some directories =======

2016-04-16 18:23 - 2016-04-15 06:23 - 0000040 ____H () C:\Program Files\0d8f4ba4.tmp
2013-07-23 20:05 - 2013-07-22 08:05 - 0000044 ____H () C:\Program Files\3345f390.tmp
2012-11-22 11:09 - 2012-11-22 11:09 - 0026253 _____ () C:\Users\Ben\AppData\Roaming\UserTile.png
2017-01-23 00:27 - 2017-01-23 00:27 - 1960481 _____ () C:\Users\Ben\AppData\Local\ars.cache
2017-01-23 00:59 - 2017-01-23 00:59 - 1170452 _____ () C:\Users\Ben\AppData\Local\census.cache
2017-01-22 20:45 - 2017-01-22 20:45 - 0000036 _____ () C:\Users\Ben\AppData\Local\housecall.guid.cache
2017-01-22 21:02 - 2017-01-26 02:11 - 0000010 _____ () C:\Users\Ben\AppData\Local\sponge.last.runtime.cac he
2017-01-27 22:36 - 2017-01-27 22:36 - 0000000 ____H () C:\ProgramData\cm-lock
2017-01-22 00:46 - 2017-01-22 00:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2017-01-26 11:40 - 2016-10-11 15:21 - 1310528 _____ (Microsoft Corporation) C:\Users\Ben\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-23 07:42

==================== End of FRST.txt ============================
Reply With Quote
  #13  
Old January 28th, 2017, 12:31 AM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-01-2017
Ran by Ben (27-01-2017 23:16:59)
Running from C:\Users\Ben\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2017-01-22 11:36:51)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-1289019028-3489076271-160467946-500 - Administrator - Disabled)
Ben (S-1-5-21-1289019028-3489076271-160467946-1003 - Administrator - Enabled) => C:\Users\Ben
Guest (S-1-5-21-1289019028-3489076271-160467946-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1289019028-3489076271-160467946-1230 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D 1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D9F3D66A-9885-4DDD-A800-9DDF488359A1}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.39 - ArcSoft)
ArcSoft WebCam Companion 2 (HKLM\...\{9973498D-EA29-4A68-BE0B-C88D6E03E928}) (Version: - ArcSoft)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
Big Fish Games Game Suite (HKLM\...\BFG-Big Fish Games Game Suite) (Version: - )
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Click to Disc (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.73.04270 - Sony Corporation)
Click to Disc (Version: 1.2.73.04270 - Sony Corporation) Hidden
Click to Disc Editor (HKLM\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 2.0.03.04150 - Sony Corporation)
Click to Disc Editor (Version: 2.0.02 - Sony Corporation) Hidden
Copy (Version: 82.0.188.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Easy Phone Sync (HKLM\...\{02007371-F011-4016-A664-ED99890331AB}) (Version: 63 - Media Mushroom Limited)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
F300 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300_Help (Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Fax (Version: 82.0.188.000 - Hewlett-Packard) Hidden
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.76 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.8.0809.23506 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUB SYS_104D0200) (Version: - )
HP Customer Participation Program 8.0 (HKLM\...\HPExtendedCapabilities) (Version: 8.0 - HP)
HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (Version: 82.0.173.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{F5893181-DB64-4FE1-BE8A-C843A5B24F17}) (Version: 6.1.2.13 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1872 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
iTunes (HKLM\...\{B7C4ABF3-59A7-47AB-A72E-956BA5B4841C}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
LeapFrog Connect (HKLM\...\UPCShell) (Version: 7.0.7.20035 - LeapFrog)
LeapFrog Connect (Version: 7.0.7.20035 - LeapFrog) Hidden
LeapFrog LeapPad Explorer Plugin (Version: 7.0.6.19846 - LeapFrog) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (Version: 82.0.174.000 - Hewlett-Packard) Hidden
Me&My VAIO (HKLM\...\{76D7CCD6-8369-405C-B494-5F34FAE67249}) (Version: 1.0.0.11140 - Sony Corporation)
Media Player Codec Pack 4.2.0 (HKLM\...\Media Player - Codec Pack) (Version: 4.2.0 - Media Player Codec Pack)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{64867E7B-D4D7-422E-883D-55C4BEB0E326}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Expression Web (HKLM\...\WebDesigner) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Expression Web Service Pack 1 (SP1) (HKLM\...\{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}) (Version: - Microsoft)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version: - Microsoft)
Microsoft Office Project Professional 2007 (HKLM\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 51.0 (x86 en-GB) (HKLM\...\Mozilla Firefox 51.0 (x86 en-GB)) (Version: 51.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 51.0.0.6227 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Transfer (HKLM\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.2.00.17290 - Sony Corporation)
OpenMG Secure Module 5.4.00 (HKLM\...\InstallShield_{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}) (Version: 5.4.00.04020 - Sony Corporation)
OpenMG Secure Module 5.4.00 (Version: 5.4.00.04020 - Sony Corporation) Hidden
PingPlotter 4.12.0 (HKLM\...\{D59AF474-7881-48B7-9120-F23D093BC447}) (Version: 4.12.0.9 - Pingman Tools, LLC)
Primo (Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RogueKiller version 12.9.5.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.5.0 - Adlice Software)
Roxio Easy Media Creator 10 LJ (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 4.2.0.10150 - Sony Corporation)
Skype™ 7.31 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SMPlayer 0.6.10 (HKLM\...\SMPlayer) (Version: 0.6.10 - Ricardo Villalba)
Software Info for Me&My VAIO (HKLM\...\{69C8B1E3-2665-4A0F-B049-67746E5C4CE3}) (Version: 1.0.0.09110 - Sony Corporation)
SolutionCenter (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Sony Home Network Library (HKLM\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 1.4.5.15070 - Sony Corporation)
Sony Home Network Library (Version: 1.4.5.15070 - Sony Corporation) Hidden
Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 3.3.01.09300 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.5.00 - Sony Corporation)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Status (Version: 82.0.173.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.13.0 - Synaptics)
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM\...\LeapPadExplorerPlugin) (Version: - LeapFrog)
VAIO Content Folder Setting (HKLM\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.1.0.08260 - Sony Corporation)
VAIO Content Folder Watcher (HKLM\...\{327B75F0-92AF-420A-988F-FA596A218E0B}) (Version: 1.0.01.09030 - Sony Corporation)
VAIO Content Folder Watcher (Version: 1.0.01.09030 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}) (Version: 3.6.1.12010 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.6.1.12010 - Sony Corporation) Hidden
VAIO Content Metadata Manager Settings (HKLM\...\{12D0BE8D-538C-4AB1-86DE-C540308F50DA}) (Version: 3.6.0.09240 - Sony Corporation)
VAIO Content Metadata Manager Settings (Version: 3.6.0.09240 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM\...\{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata XML Interface Library (Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Control Center (HKLM\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 3.2.0.09120 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.04.01170 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.4.1.15040 - Sony Corporation)
VAIO Entertainment Platform (Version: 3.4.1.15040 - Sony Corporation) Hidden
VAIO Event Service (HKLM\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 4.2.1.12090 - Sony Corporation)
VAIO Launcher (HKLM\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 2.2.0.09090 - Sony Corporation)
VAIO Marketing Tools (HKLM\...\MarketingTools) (Version: - Sony Corporation)
VAIO Media plus (HKLM\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 1.4.5.15070 - Sony Corporation)
VAIO Media plus (Version: 1.2.0.10230 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 1.2.0.09100 - Sony Corporation)
VAIO Movie Story (HKLM\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.5.01.05120 - Sony Corporation)
VAIO Movie Story (Version: 1.3.01.08060 - Sony Corporation) Hidden
VAIO Movie Story 1.5 Upgrade (Version: 1.5.01.05120 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.5.01.05120 - Sony Corporation)
VAIO MusicBox (HKLM\...\{D613E659-6503-42A8-9617-4F599061EAD5}) (Version: 2.3.0.09250 - Sony Corporation)
VAIO MusicBox Sample Music (HKLM\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.1.00.14140 - Sony Corporation)
VAIO Original Function Settings (HKLM\...\{7C404084-C5A6-42FF-B731-0BAC79A6E134}) (Version: 2.0.2.02240 - Sony Corporation)
VAIO Original Function Settings (Version: 2.0.2.02240 - Sony Corporation) Hidden
VAIO Power Management (HKLM\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 3.2.0.10060 - Sony Corporation)
VAIO Presentation Support (HKLM\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 1.1.0.08250 - Sony Corporation)
VAIO Smart Network (HKLM\...\{3B659FAD-E772-44A3-B7E7-560FF084669F}) (Version: 2.2.0.11050 - Sony Corporation)
VAIO Update (HKLM\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VAIO Wallpaper Contents (HKLM\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 1.3.0.10310 - Sony Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VUx86 (Version: 1.2.0 - Sony Corporation) Hidden
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D ) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.602 - InterVideo Inc.)
WinDVD for VAIO (Version: 8.0-B9.602 - InterVideo Inc.) Hidden
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wireshark 1.8.6 (32-bit) (HKLM\...\Wireshark) (Version: 1.8.6 - The Wireshark developer community, hxxp://www.wireshark.org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1289019028-3489076271-160467946-1003_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C20BAEC-24CC-4B43-9F7D-3E35D76F9458} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1289019028-3489076271-160467946-1003
Task: {130A83F4-AE35-44F7-8185-43771079D4E1} - \Microsoft\Microsoft Antimalware\MpIdleTask -> No File <==== ATTENTION
Task: {20BA18B5-6D4D-4730-8CE8-FEC8C281B6B4} - System32\Tasks\{7D7E0615-79D9-481E-A063-3D7EE0778A92} => pcalua.exe -a "G:\Original Ext. Hard Drive files (KEEP)\DriveNavi.EXE" -d "G:\Original Ext. Hard Drive files (KEEP)"
Task: {25084D10-2B3E-4F6D-8011-D9EE1C351230} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {266587F0-ED3D-4FF5-BBC9-BF143756347C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe [2017-01-20] (Adobe Systems Incorporated)
Task: {2CE7F19A-13FB-498A-8971-2D9CC67C9F24} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWired Info => C:\Windows\system32\gatherWiredInfo.vbs
Task: {758C7D26-E868-4A36-95DB-B7E055420348} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {7AD6BF9F-C519-44B2-9F95-525732A16E1E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-25] (Google Inc.)
Task: {849F28EC-42BF-458D-9110-CD00CCE14B6F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-20] (AVAST Software)
Task: {91060443-6BEA-40E5-82BA-67582A4C91C6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {A30BCA5E-F7F7-4658-99FE-558BC1AF132C} - System32\Tasks\{F13BD795-7442-4C89-B770-6B4E18124C08} => pcalua.exe -a F:\autorun.exe -d F:\
Task: {AA373E84-8591-41D1-9072-33C498222885} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-25] (Google Inc.)
Task: {B298A424-5DE3-4D0E-BA17-21453E602699} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {BE290D13-5E66-42E7-885E-E47D088D0D0A} - System32\Tasks\SONY\Me&My VAIO\Me&My VAIO => C:\Program Files\Sony\Me&My VAIO\QLGuide.exe [2008-11-17] (Sony Corporation)
Task: {C09690DE-DFF4-47EA-87C5-5C55B6080095} - System32\Tasks\{07D85107-B6C9-4FC2-85AA-694B3F10B1E8} => pcalua.exe -a C:\Users\Ben\AppData\Local\temp\GLF2D6\DPInst.exe -d C:\Users\Ben\AppData\Local\temp\GLF2D6 <==== ATTENTION
Task: {C27E1097-FE5A-4E80-87DE-0BA063D8A3E1} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWi relessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {F0F43D26-239A-49A8-963B-6CBF2E466A5C} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2016-03-31] (Sony Corporation)
Task: {F414C5A5-9967-42F7-AE93-42A8C7F1F91B} - System32\Tasks\Microsoft\Windows\WindowsCalendar\R eminders - Ben => C:\Program Files\Windows Calendar\WinCal.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Googl e Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"

==================== Loaded Modules (Whitelisted) ==============

2017-01-20 14:15 - 2017-01-20 14:15 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-27 19:43 - 2017-01-27 19:43 - 04459608 _____ () C:\Program Files\AVAST Software\Avast\defs\17012703\algo.dll
2017-01-20 14:15 - 2017-01-20 14:15 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01041720 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-20 14:15 - 2017-01-20 14:15 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-24 08:46 - 2014-11-24 08:46 - 00879104 _____ () C:\Program Files\LeapFrog\LeapFrog Connect\platforms\qwindows.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00189752 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2011-08-13 21:23 - 2008-12-09 08:27 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
2011-08-13 21:23 - 2008-12-09 08:27 - 00009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll
2012-04-20 13:59 - 2012-03-06 16:29 - 00376832 _____ () C:\Program Files\Common Files\Sony Shared\SOHLib\sqlite3.dll
2017-01-26 11:32 - 2017-01-25 06:56 - 01870168 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.76\libgl esv2.dll
2017-01-26 11:32 - 2017-01-25 06:56 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.76\libeg l.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)
Reply With Quote
  #14  
Old January 28th, 2017, 12:31 AM
JIO22 JIO22 is offline
Senior Member
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 631
==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\cybertechhelp.com -> hxxp://www.cybertechhelp.com
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\ebay.co.uk -> hxxp://www.ebay.co.uk
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\metcheck.com -> hxxp://www.metcheck.com
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\orange.co.uk -> hxxp://www.orange.co.uk
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\speedtest.net -> hxxp://www.speedtest.net
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\thesun.co.uk -> hxxp://www.thesun.co.uk
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\youtube.com -> hxxp://www.youtube.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\1-se.com -> 1-se.com

There are 11597 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 10:23 - 2014-11-20 00:53 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1289019028-3489076271-160467946-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Ben\AppData\Roaming\Microsoft\Windows\The mes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BFBackupUtilityService => 2
MSCONFIG\Services: BFBackupUtilityVSSService => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: SBSDWSCService => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DDFC5649-8A9C-43E0-A7DB-981BF4A858E6}] => C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{8F780E2C-C765-46DE-B76E-00CC03894B97}] => C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [UDP Query User{15C0F063-FC21-4CEA-A4F9-212462B47277}C:\program files\java\jre1.8.0_111\bin\jp2launcher.exe] => C:\program files\java\jre1.8.0_111\bin\jp2launcher.exe
FirewallRules: [TCP Query User{A5BD227C-AADF-4FE6-8EE8-415216CE7EC0}C:\program files\java\jre1.8.0_111\bin\jp2launcher.exe] => C:\program files\java\jre1.8.0_111\bin\jp2launcher.exe
FirewallRules: [UDP Query User{336AAA0A-CE33-48F4-9EBB-E528D844F5E4}C:\program files\netgear genie\bin\netgeargenie.exe] => C:\program files\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{969DFAA4-52A8-4B64-A29E-7E6190C2C341}C:\program files\netgear genie\bin\netgeargenie.exe] => C:\program files\netgear genie\bin\netgeargenie.exe
FirewallRules: [{07EEB454-8C9E-4C97-AB96-6DD98B405A18}] => C:\Program Files\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [{26E1900D-2693-4016-80BB-C4332BA4C924}] => C:\Program Files\The Bit Studio\Synctunes Desktop\Synctunes.exe
FirewallRules: [UDP Query User{E336C7D2-E475-439C-9D75-33CD2F2C0267}C:\program files\java\jre1.8.0_77\bin\jp2launcher.exe] => C:\program files\java\jre1.8.0_77\bin\jp2launcher.exe
FirewallRules: [TCP Query User{E0119C9A-8BA4-4F07-9E10-4C1F86C0A1D1}C:\program files\java\jre1.8.0_77\bin\jp2launcher.exe] => C:\program files\java\jre1.8.0_77\bin\jp2launcher.exe
FirewallRules: [UDP Query User{FA37C349-1687-4162-A752-AA391F080C0F}C:\program files\jrt studio\isyncr\isyncr.exe] => C:\program files\jrt studio\isyncr\isyncr.exe
FirewallRules: [TCP Query User{324B0E5E-BC31-4C8D-ABB1-214EF2BA9AE8}C:\program files\jrt studio\isyncr\isyncr.exe] => C:\program files\jrt studio\isyncr\isyncr.exe
FirewallRules: [UDP Query User{D80F0C78-A278-4090-8EED-9EE599A9BF82}C:\program files\java\jre1.8.0_73\bin\jp2launcher.exe] => C:\program files\java\jre1.8.0_73\bin\jp2launcher.exe
FirewallRules: [TCP Query User{36D99BA0-85B0-48C0-80B2-93F1E94E4B4A}C:\program files\java\jre1.8.0_73\bin\jp2launcher.exe] => C:\program files\java\jre1.8.0_73\bin\jp2launcher.exe
FirewallRules: [UDP Query User{2A7E0DC3-026B-4EA5-B701-CB619D48A69E}C:\program files\kodi\kodi.exe] => C:\program files\kodi\kodi.exe
FirewallRules: [TCP Query User{3B01EA7E-9890-4658-A8FC-B15CDE6586FE}C:\program files\kodi\kodi.exe] => C:\program files\kodi\kodi.exe
FirewallRules: [UDP Query User{2219C559-B364-4AE2-AFDD-5747CDD60192}C:\program files\kodi\kodi.exe] => C:\program files\kodi\kodi.exe
FirewallRules: [TCP Query User{15DF3D68-2ECA-4787-AA38-C5F817A18017}C:\program files\kodi\kodi.exe] => C:\program files\kodi\kodi.exe
FirewallRules: [{D4B0179E-2F00-45F5-BEAB-7024F824366C}] => C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{4A17AA89-2A3C-4CC4-8E04-D02BD26F76A9}] => C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{5617863F-368E-46DE-B8DE-A9F68627DF37}] => C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{04607867-A184-44B8-B509-E66C856FC6AE}] => C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [UDP Query User{80FC1A4A-8B77-499A-BA53-67781C4EBC75}C:\program files\portforward\port forward network utilities\pfportchecker.exe] => C:\program files\portforward\port forward network utilities\pfportchecker.exe
FirewallRules: [TCP Query User{CBDEB1F4-790A-4317-90FB-C456DE8F5CD8}C:\program files\portforward\port forward network utilities\pfportchecker.exe] => C:\program files\portforward\port forward network utilities\pfportchecker.exe
FirewallRules: [UDP Query User{A6C72938-1A6A-45FE-B90F-4DBFFA068F52}C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe] => C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe
FirewallRules: [TCP Query User{6883ABEF-9115-4FF6-82EA-43DE712FAEC9}C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe] => C:\program files\java\jre1.8.0_25\bin\jp2launcher.exe
FirewallRules: [UDP Query User{F5E00B22-E819-4195-96B1-791C1983C898}C:\program files\java\jre1.8.0_20\bin\jp2launcher.exe] => C:\program files\java\jre1.8.0_20\bin\jp2launcher.exe
FirewallRules: [TCP Query User{7A4E3961-C9AE-4530-86FB-BA8D9A407941}C:\program files\java\jre1.8.0_20\bin\jp2launcher.exe] => C:\program files\java\jre1.8.0_20\bin\jp2launcher.exe
FirewallRules: [UDP Query User{34A0EE26-53E3-4A10-B843-B5BD7FCAB743}C:\program files\java\jre7\bin\jp2launcher.exe] => C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{E4BA58DA-F439-498F-8378-77F79FFD9316}C:\program files\java\jre7\bin\jp2launcher.exe] => C:\program files\java\jre7\bin\jp2launcher.exe
FirewallRules: [{B0A4D8EF-D68A-4235-8D8A-D9A353D713D6}] => C:\Windows\System32\muzapp.exe
FirewallRules: [{70097CC3-FE4A-4683-9409-37652717E98B}] => C:\Windows\System32\muzapp.exe
FirewallRules: [UDP Query User{8E074770-C9B3-4CF2-B181-47ABEDE8E321}C:\program files\java\jre7\bin\java.exe] => C:\program files\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{CC14696E-FF35-4C6F-BF99-4A1868D5C32A}C:\program files\java\jre7\bin\java.exe] => C:\program files\java\jre7\bin\java.exe
FirewallRules: [{1555CFC5-7EB2-4A40-BAE4-CAC3F12E1F9E}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe
FirewallRules: [UDP Query User{F861117F-190A-417D-B13D-E9B4AAD33088}C:\program files\java\jre7\bin\java.exe] => C:\program files\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{B0489444-10B8-419C-BDC7-F2413C53C425}C:\program files\java\jre7\bin\java.exe] => C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{D12C0AF1-3FFC-4005-BA08-C9A3A4C580C4}C:\program files\pfportchecker\pfportchecker.exe] => C:\program files\pfportchecker\pfportchecker.exe
FirewallRules: [TCP Query User{304B195F-96FD-404A-86DB-8142E1006D04}C:\program files\pfportchecker\pfportchecker.exe] => C:\program files\pfportchecker\pfportchecker.exe
FirewallRules: [{0235CFB2-4BCB-43DC-B9C1-34878231E059}] => C:\Windows\System32\muzapp.exe
FirewallRules: [{16ACD425-2E79-4BB8-ACDF-80F631C4F2BB}] => C:\Windows\System32\muzapp.exe
FirewallRules: [UDP Query User{C606D6E9-DC08-470F-9ABF-2F4EC03460F9}C:\program files\java\jre6\bin\java.exe] => C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{65E8EB5C-BAC4-4267-8AE3-797A39A28927}C:\program files\java\jre6\bin\java.exe] => C:\program files\java\jre6\bin\java.exe
FirewallRules: [{7FBCE151-8AB0-4854-A0BB-43A340CF8D19}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2BC1E23F-9DD9-44F2-BD2F-947EE4525022}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7D84453F-0EA8-4C23-8089-110E1C5570D4}] => C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{BD4C833F-6618-44A2-B377-B5D369F044EC}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1DA32C2E-5B85-435F-90A1-AEA5BB131CB9}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{465EA9CF-CAA3-4C75-B5F7-6054B55E5CB5}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D5A9AF1C-927A-476B-B264-DA68AF62BBD3}] => LPort=2869
FirewallRules: [{510A0002-A001-49BE-9DBB-8170D071F61E}] => LPort=1900
FirewallRules: [{9B349DED-3920-470B-B715-6B19FF62C320}] => C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{053ABC7A-D15B-403E-89F3-9F3872725CB3}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9FA2E034-427E-4734-A5C9-E231EF829908}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{58C8FA7A-8B1A-4A46-9509-657ADFF4CBA0}] => C:\Program Files\iTunes\iTunes.exe

==================== Restore Points =========================

24-01-2017 00:53:15 Windows Backup
24-01-2017 03:01:26 Windows Update
24-01-2017 07:10:30 Windows Update
24-01-2017 08:01:37 Windows Update
24-01-2017 08:20:42 Windows Update
24-01-2017 16:34:07 Windows Update
24-01-2017 18:59:50 Windows Update
25-01-2017 19:07:32 Windows Backup
26-01-2017 01:42:55 Windows Live Essentials
26-01-2017 01:44:36 Installed DirectX
26-01-2017 01:47:03 Installed DirectX
26-01-2017 01:49:40 Installed DirectX
26-01-2017 01:54:38 WLSetup
26-01-2017 02:08:26 Windows Live Essentials
26-01-2017 02:09:21 Installed DirectX
26-01-2017 02:11:33 Installed DirectX
26-01-2017 02:13:45 Installed DirectX
26-01-2017 02:17:57 WLSetup
26-01-2017 14:15:07 Windows Live Essentials
26-01-2017 14:16:01 Installed DirectX
26-01-2017 14:17:51 Installed DirectX
26-01-2017 14:19:46 Installed DirectX
26-01-2017 14:22:06 WLSetup
26-01-2017 14:35:21 Installed Microsoft Camera Codec Pack
26-01-2017 14:48:17 Installed Microsoft Camera Codec Pack
26-01-2017 15:11:39 Installed iTunes
26-01-2017 18:40:37 Installed Windows Installer Clean Up
26-01-2017 19:01:11 Installed Windows Installer Clean Up
26-01-2017 19:09:57 Removed Windows Installer Clean Up
26-01-2017 21:50:44 Windows 7 working well

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2017 10:36:24 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (01/27/2017 10:36:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/27/2017 10:34:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 460: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (01/27/2017 10:34:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (01/27/2017 08:50:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/27/2017 08:50:16 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (01/27/2017 07:42:45 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (01/27/2017 07:42:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/27/2017 02:12:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7a4a7
Faulting module name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7a4a7
Exception code: 0xc0000005
Fault offset: 0x0007006d
Faulting process id: 0x14b8
Faulting application start time: 0x01d278812ffee397
Faulting application path: C:\Program Files\Windows Media Player\wmpnetwk.exe
Faulting module path: C:\Program Files\Windows Media Player\wmpnetwk.exe
Report Id: 95ad998a-e49a-11e6-9b22-001dbab6d3fe

Error: (01/27/2017 09:39:01 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)


System errors:
=============
Error: (01/27/2017 10:35:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (01/27/2017 10:35:08 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.

Error: (01/27/2017 10:35:08 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.

Error: (01/27/2017 08:49:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (01/27/2017 08:49:18 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.

Error: (01/27/2017 08:49:18 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.

Error: (01/27/2017 07:41:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VAIO Power Management service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/27/2017 07:41:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VAIO Power Management service to connect.

Error: (01/27/2017 07:40:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (01/27/2017 07:40:47 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.


CodeIntegrity:
===================================
Date: 2017-01-12 11:54:05.302
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:54:04.353
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:54:03.229
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:54:01.738
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:54:00.730
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:53:59.743
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:53:58.556
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:53:57.462
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:53:56.427
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:53:55.429
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
Percentage of memory in use: 44%
Total physical RAM: 2939.04 MB
Available physical RAM: 1638.61 MB
Total Virtual: 5876.39 MB
Available Virtual: 4300.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:288.5 GB) (Free:150.96 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1E87FF0F)
Partition 1: (Not Active) - (Size=9.6 GB) - (Type=27)
Partition 2: (Active) - (Size=288.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Reply With Quote
  #15  
Old January 28th, 2017, 01:06 AM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 51,943
Let's assume the installer issue is an incorrect Registry startup entry.

Go to Start Search, type msconfig in the Start Search box. Msconfig will appear at the top of the Menu. Rightclick on it and choose "Run as administrator".

When the msconfig display opens, click the Startup tab, Then click the Enable All button (you can change things back after we are done with this step).

Reboot after.

After the reboot, open Msconfig again.

Uncheck 1/2 of the startups listed there. Then click Apply and OK and allow the reboot.

Reboot, and see if the problem no longer occurs. If you still have the problem, open msconfig again, but this time recheck the startups you had unchecked, then uncheck the other 1/2. And again Apply/OK and reboot.

This is a process of elimination. If the problem source is a startup, you will have narrowed it down to being in 1/2 of the msconfig list. Make sure the 1/2 that did not cause problems remain checked, then cut the other group in half again. Then again uncheck one half of that, Apply/OK and reboot. See which new 1/2 holds the problem startup.

Repeat those steps until you identify the problem startup.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 11:25 PM.