Jump to content

Blocking Notification


Recommended Posts

Hello,

I've been getting these notifications every 5 seconds, for svchost.exe, firefoxe.exe, and avp.exe. (outbound with different ports)

The IP is for a service provider in Romania!

Did a scan with both Malwarebytes and Kaspersky and nothing came up. So I did a full clean recovery and to my surprise the notifications came back!

Please help me.

 

Link to post
Share on other sites

Scans:

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by h (administrator) on N (12-05-2016 15:15:43)
Running from C:\Users\h\Downloads
Loaded Profiles: h (Available Profiles: h)
Platform: Windows 8.1 Single Language (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\System32\rpcnetp.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(SEC) C:\Program Files\Samsung\Recovery\WCScheduler.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1260256 2013-01-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1260256 2013-01-04] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2875216 2013-01-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-10-31] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-31] (Qualcomm Atheros Commnucations)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2623456 2016-04-15] (Malwarebytes Corporation)
HKU\S-1-5-21-3872551936-1943246106-3439750639-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3872551936-1943246106-3439750639-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 93.115.85.210 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{428175A4-59D7-432C-A7EA-F72B2030F462}: [DhcpNameServer] 93.115.85.210 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3872551936-1943246106-3439750639-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3872551936-1943246106-3439750639-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-3872551936-1943246106-3439750639-1001 -> DefaultScope {2BD64232-3A43-435D-A117-62BD2E8392BB} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-10-31] (Qualcomm Atheros Commnucations)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\h\AppData\Roaming\Mozilla\Firefox\Profiles\7bdgr4z5.default
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Extension: NoScript - C:\Users\h\AppData\Roaming\Mozilla\Firefox\Profiles\7bdgr4z5.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-05-11]
FF Extension: HTTPS-Everywhere - C:\Users\h\AppData\Roaming\Mozilla\Firefox\Profiles\7bdgr4z5.default\extensions\https-everywhere@eff.org [2016-05-11]
FF Extension: Disconnect - C:\Users\h\AppData\Roaming\Mozilla\Firefox\Profiles\7bdgr4z5.default\extensions\2.0@disconnect.me.xpi [2016-05-11]
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-12]
FF Extension: Ghostery - C:\Users\h\AppData\Roaming\Mozilla\Firefox\Profiles\7bdgr4z5.default\Extensions\firefox@ghostery.com.xpi [2016-05-11]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-10-31] (Qualcomm Atheros Commnucations) [File not signed]
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-06] (Kaspersky Lab ZAO)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1594416 2013-01-14] (Samsung Electronics CO., LTD.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107344 2012-11-20] (Condusiv Technologies)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [742368 2016-04-15] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2883120 2013-01-25] (Samsung Electronics CO., LTD.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2016-05-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2016-05-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-31] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-31] (Qualcomm Atheros)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-04-15] ()
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [20336 2013-01-02] (ELAN Microelectronic Corp.)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25424 2012-11-20] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [111952 2012-11-20] (Condusiv Technologies)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-05-12] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-06] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-12-06] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [927640 2016-05-12] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-06] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-12-06] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-12] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2016-05-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2016-05-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2016-05-12] (Microsoft Corporation)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-12 15:15 - 2016-05-12 15:16 - 00015710 _____ C:\Users\h\Downloads\FRST.txt
2016-05-12 15:14 - 2016-05-12 15:14 - 00000000 ___RD C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-05-12 15:12 - 2016-05-12 15:12 - 00361728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-12 14:38 - 2016-05-12 14:41 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-05-12 14:37 - 2016-05-12 14:41 - 00000000 ____D C:\Users\h\Desktop\mbar
2016-05-12 14:35 - 2016-05-12 14:36 - 00000000 ____D C:\AdwCleaner
2016-05-12 14:23 - 2016-05-12 14:23 - 16563352 _____ (Malwarebytes Corp.) C:\Users\h\Downloads\mbar-1.09.3.1001.exe
2016-05-12 14:21 - 2016-05-12 15:15 - 00000000 ____D C:\FRST
2016-05-12 14:21 - 2016-05-12 14:21 - 02381312 _____ (Farbar) C:\Users\h\Downloads\FRST64.exe
2016-05-12 14:01 - 2016-05-12 14:01 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\h\Downloads\tdsskiller.exe
2016-05-12 14:00 - 2016-05-12 14:00 - 03640384 _____ C:\Users\h\Downloads\AdwCleaner.exe
2016-05-12 12:21 - 2016-05-12 13:35 - 00000000 ___DC C:\WINDOWS\Panther
2016-05-12 12:20 - 2016-05-12 12:20 - 00000000 ____D C:\Windows.old
2016-05-12 12:18 - 2016-05-12 12:18 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 04710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2016-05-12 12:18 - 2016-05-12 12:18 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-05-12 12:18 - 2016-05-12 12:18 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2016-05-12 12:18 - 2016-05-12 12:18 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2016-05-12 12:18 - 2016-05-12 12:18 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-05-12 12:18 - 2016-05-12 12:18 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2016-05-12 12:18 - 2016-05-12 12:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2016-05-12 12:18 - 2016-05-12 12:18 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2016-05-12 12:18 - 2016-05-12 12:18 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-12 12:18 - 2016-05-12 12:18 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-05-12 12:18 - 2016-05-12 12:18 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2016-05-12 12:18 - 2016-05-12 12:18 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2016-05-12 12:18 - 2016-05-12 12:18 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2016-05-12 12:18 - 2016-05-12 12:18 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2016-05-12 12:18 - 2016-05-12 12:18 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2016-05-12 12:18 - 2016-05-12 12:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2016-05-12 12:17 - 2016-05-12 12:17 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2016-05-12 12:16 - 2016-05-12 12:16 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-05-12 12:16 - 2016-05-12 12:16 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-05-12 12:16 - 2016-05-12 12:16 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00177712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00148752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-05-12 12:16 - 2016-05-12 12:16 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-05-12 12:16 - 2016-05-12 12:16 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-05-12 12:15 - 2016-05-12 12:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-05-12 12:15 - 2016-05-12 12:15 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-05-12 12:15 - 2016-05-12 12:15 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2016-05-12 12:15 - 2016-05-12 12:15 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2016-05-12 12:15 - 2016-05-12 12:15 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2016-05-12 12:15 - 2016-05-12 12:15 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2016-05-12 12:15 - 2016-05-12 12:15 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2016-05-12 12:15 - 2016-05-12 12:15 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2016-05-12 12:15 - 2016-05-12 12:15 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2016-05-12 12:15 - 2016-05-12 12:15 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 25816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 20349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 15414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 13811200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 06052864 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 02893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-05-12 12:14 - 2016-05-12 12:14 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-05-12 12:14 - 2016-05-12 12:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-05-12 12:14 - 2016-05-12 12:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2016-05-12 12:14 - 2016-05-12 12:14 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2016-05-12 12:14 - 2016-05-12 12:14 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2016-05-12 12:14 - 2016-05-12 12:14 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-05-12 12:14 - 2016-05-12 12:14 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2016-05-12 12:14 - 2016-05-12 12:14 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-05-12 12:13 - 2016-05-12 12:13 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-05-12 12:13 - 2016-05-12 12:13 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-05-12 12:13 - 2016-05-12 12:13 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2016-05-12 12:13 - 2016-05-12 12:13 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-05-12 12:13 - 2016-05-12 12:13 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2016-05-12 12:13 - 2016-05-12 12:13 - 00099672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2016-05-12 12:13 - 2016-05-12 12:13 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2016-05-12 12:13 - 2016-05-12 12:13 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2016-05-12 12:12 - 2016-05-12 12:12 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-05-12 12:12 - 2016-05-12 12:12 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-05-12 12:12 - 2016-05-12 12:12 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-05-12 12:12 - 2016-05-12 12:12 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2016-05-12 12:12 - 2016-05-12 12:12 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-05-12 12:12 - 2016-05-12 12:12 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2016-05-12 12:12 - 2016-05-12 12:12 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2016-05-12 12:12 - 2016-05-12 12:12 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2016-05-12 12:12 - 2016-05-12 12:12 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-05-12 12:12 - 2016-05-12 12:12 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-05-12 12:12 - 2016-05-12 12:12 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2016-05-12 12:12 - 2016-05-12 12:12 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2016-05-12 12:11 - 2016-05-12 12:11 - 02466136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-05-12 12:11 - 2016-05-12 12:11 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-05-12 12:11 - 2016-05-12 12:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-05-12 12:11 - 2016-05-12 12:11 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00160160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2016-05-12 12:11 - 2016-05-12 12:11 - 00121912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2016-05-12 12:11 - 2016-05-12 12:11 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-05-12 12:11 - 2016-05-12 12:11 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-05-12 12:10 - 2016-05-12 12:10 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-05-12 12:10 - 2016-05-12 12:10 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-05-12 12:10 - 2016-05-12 12:10 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-05-12 12:10 - 2016-05-12 12:10 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-05-12 12:10 - 2016-05-12 12:10 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-05-12 12:10 - 2016-05-12 12:10 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-05-12 12:10 - 2016-05-12 12:10 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2016-05-12 12:10 - 2016-05-12 12:10 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-05-12 12:10 - 2016-05-12 12:10 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-05-12 12:10 - 2016-05-12 12:10 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-05-12 12:10 - 2016-05-12 12:10 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-05-12 12:09 - 2016-05-12 12:09 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-05-12 12:09 - 2016-05-12 12:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-05-12 12:09 - 2016-05-12 12:09 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-12 12:09 - 2016-05-12 12:09 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-05-12 12:09 - 2016-05-12 12:09 - 00534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-12 12:09 - 2016-05-12 12:09 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-12 12:09 - 2016-05-12 12:09 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-05-12 12:09 - 2016-05-12 12:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-05-12 12:09 - 2016-05-12 12:09 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2016-05-12 12:08 - 2016-05-12 12:08 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-12 12:08 - 2016-05-12 12:08 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-12 12:08 - 2016-05-12 12:08 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-05-12 12:08 - 2016-05-12 12:08 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-05-12 12:08 - 2016-05-12 12:08 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2016-05-12 12:08 - 2016-05-12 12:08 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2016-05-12 12:08 - 2016-05-12 12:08 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-05-12 12:08 - 2016-05-12 12:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-05-12 12:08 - 2016-05-12 12:08 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-12 12:08 - 2016-05-12 12:08 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-12 12:08 - 2016-05-12 12:08 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2016-05-12 12:07 - 2016-05-12 12:07 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-05-12 12:07 - 2016-05-12 12:07 - 00377344 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicres.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbusr.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00097072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00089392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00061232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmictimeprovider.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00056624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbusres.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00045872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvscres.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsparse.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00027904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsparse.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00021760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspiper.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2016-05-12 12:07 - 2016-05-12 12:07 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys
2016-05-12 12:07 - 2016-05-12 12:07 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys
2016-05-12 12:06 - 2016-05-12 12:06 - 07784960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-12 12:06 - 2016-05-12 12:06 - 07075840 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-05-12 12:06 - 2016-05-12 12:06 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-05-12 12:06 - 2016-05-12 12:06 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-12 12:05 - 2016-05-12 12:05 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2016-05-12 12:05 - 2016-05-12 12:05 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-05-12 12:05 - 2016-05-12 12:05 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2016-05-12 12:05 - 2016-05-12 12:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-05-12 12:05 - 2016-05-12 12:05 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-05-12 12:05 - 2016-05-12 12:05 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2016-05-12 12:05 - 2016-05-12 12:05 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2016-05-12 12:05 - 2016-05-12 12:05 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-05-12 12:05 - 2016-05-12 12:05 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2016-05-12 12:05 - 2016-05-12 12:05 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2016-05-12 12:05 - 2016-05-12 12:05 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2016-05-12 12:04 - 2016-05-12 12:04 - 01763376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-12 12:04 - 2016-05-12 12:04 - 01489088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-12 12:04 - 2016-05-12 12:04 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-05-12 12:04 - 2016-05-12 12:04 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-05-12 12:04 - 2016-05-12 12:04 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2016-05-12 12:04 - 2016-05-12 12:04 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2016-05-12 12:04 - 2016-05-12 12:04 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2016-05-12 12:04 - 2016-05-12 12:04 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-05-12 12:04 - 2016-05-12 12:04 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-05-12 12:04 - 2016-05-12 12:04 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-05-12 12:04 - 2016-05-12 12:04 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2016-05-12 12:03 - 2016-05-12 12:03 - 03708416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 02244096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-12 12:03 - 2016-05-12 12:03 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00690016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-12 12:03 - 2016-05-12 12:03 - 00484552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-12 12:03 - 2016-05-12 12:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2016-05-12 12:03 - 2016-05-12 12:03 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-05-12 12:03 - 2016-05-12 12:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-05-12 12:03 - 2016-05-12 12:03 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-05-12 12:03 - 2016-05-12 12:03 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-05-12 12:03 - 2016-05-12 12:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-12 12:02 - 2016-05-12 12:02 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-05-12 12:02 - 2016-05-12 12:02 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-05-12 12:02 - 2016-05-12 12:02 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-05-12 12:02 - 2016-05-12 12:02 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-05-12 12:02 - 2016-05-12 12:02 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2016-05-12 12:02 - 2016-05-12 12:02 - 00218448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-12 12:02 - 2016-05-12 12:02 - 00192120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-12 12:02 - 2016-05-12 12:02 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-12 12:01 - 2016-05-12 12:01 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-05-12 12:01 - 2016-05-12 12:01 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-05-12 12:01 - 2016-05-12 12:01 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-05-12 12:01 - 2016-05-12 12:01 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2016-05-12 12:00 - 2016-05-12 12:00 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-05-12 12:00 - 2016-05-12 12:00 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-05-12 12:00 - 2016-05-12 12:00 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2016-05-12 12:00 - 2016-05-12 12:00 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2016-05-12 12:00 - 2016-05-12 12:00 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2016-05-12 12:00 - 2016-05-12 12:00 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2016-05-12 12:00 - 2016-05-12 12:00 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-05-12 12:00 - 2016-05-12 12:00 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-05-12 12:00 - 2016-05-12 12:00 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-05-12 12:00 - 2016-05-12 12:00 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll
2016-05-12 12:00 - 2016-05-12 12:00 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-05-12 12:00 - 2016-05-12 12:00 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-12 11:59 - 2016-05-12 11:59 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-12 11:59 - 2016-05-12 11:59 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-12 11:59 - 2016-05-12 11:59 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-12 11:59 - 2016-05-12 11:59 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-05-12 11:59 - 2016-05-12 11:59 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2016-05-12 11:59 - 2016-05-12 11:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2016-05-12 11:58 - 2016-05-12 11:58 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-05-12 11:58 - 2016-05-12 11:58 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-05-12 11:58 - 2016-05-12 11:58 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-12 11:58 - 2016-05-12 11:58 - 01097728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-12 11:58 - 2016-05-12 11:58 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-05-12 11:58 - 2016-05-12 11:58 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-05-12 11:58 - 2016-05-12 11:58 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-05-12 11:58 - 2016-05-12 11:58 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-05-12 11:58 - 2016-05-12 11:58 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-05-12 11:58 - 2016-05-12 11:58 - 00292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2016-05-12 11:58 - 2016-05-12 11:58 - 00243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2016-05-12 11:58 - 2016-05-12 11:58 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2016-05-12 11:57 - 2016-05-12 11:57 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2016-05-12 11:57 - 2016-05-12 11:57 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 02175008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 01564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 01307328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-05-12 11:56 - 2016-05-12 11:56 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-05-12 11:56 - 2016-05-12 11:56 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00738096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00613624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00548024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-05-12 11:56 - 2016-05-12 11:56 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-05-12 11:56 - 2016-05-12 11:56 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2016-05-12 11:56 - 2016-05-12 11:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2016-05-12 11:56 - 2016-05-12 11:56 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-05-12 11:55 - 2016-05-12 11:55 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 00468824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-12 11:55 - 2016-05-12 11:55 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-05-12 11:55 - 2016-05-12 11:55 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-05-12 11:55 - 2016-05-12 11:55 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-05-12 11:55 - 2016-05-12 11:55 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-05-12 11:54 - 2016-05-12 11:54 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-05-12 11:54 - 2016-05-12 11:54 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-05-12 11:54 - 2016-05-12 11:54 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-05-12 11:54 - 2016-05-12 11:54 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2016-05-12 11:54 - 2016-05-12 11:54 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2016-05-12 11:54 - 2016-05-12 11:54 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-05-12 11:54 - 2016-05-12 11:54 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-05-12 11:54 - 2016-05-12 11:54 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2016-05-12 11:54 - 2016-05-12 11:54 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2016-05-12 11:54 - 2016-05-12 11:54 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2016-05-12 11:54 - 2016-05-12 11:54 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-05-12 11:54 - 2016-05-12 11:54 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-05-12 11:54 - 2016-05-12 11:54 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2016-05-12 11:54 - 2016-05-12 11:54 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2016-05-12 11:54 - 2016-05-12 11:54 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2016-05-12 11:54 - 2016-05-12 11:54 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 03820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 03273728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 00462168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2016-05-12 11:53 - 2016-05-12 11:53 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2016-05-12 11:53 - 2016-05-12 11:53 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-05-12 11:53 - 2016-05-12 11:53 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 00091992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2016-05-12 11:53 - 2016-05-12 11:53 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-05-12 11:53 - 2016-05-12 11:53 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2016-05-12 11:53 - 2016-05-12 11:53 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2016-05-12 11:53 - 2016-05-12 11:53 - 00027992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2016-05-12 11:53 - 2016-05-12 11:53 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2016-05-12 11:53 - 2016-05-12 11:53 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2016-05-12 11:52 - 2016-05-12 11:52 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2016-05-12 11:52 - 2016-05-12 11:52 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-12 11:52 - 2016-05-12 11:52 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-12 11:52 - 2016-05-12 11:52 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2016-05-12 11:52 - 2016-05-12 11:52 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2016-05-12 11:52 - 2016-05-12 11:52 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2016-05-12 11:52 - 2016-05-12 11:52 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2016-05-12 11:52 - 2016-05-12 11:52 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2016-05-12 11:52 - 2016-05-12 11:52 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2016-05-12 11:51 - 2016-05-12 11:51 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-05-12 11:51 - 2016-05-12 11:51 - 02017624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-05-12 11:51 - 2016-05-12 11:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2016-05-12 11:50 - 2016-05-12 11:50 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-05-12 11:50 - 2016-05-12 11:50 - 00074584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2016-05-12 11:49 - 2016-05-12 11:49 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00561960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-05-12 11:49 - 2016-05-12 11:49 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-05-12 11:49 - 2016-05-12 11:49 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-05-12 11:49 - 2016-05-12 11:49 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-05-12 11:49 - 2016-05-12 11:49 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-05-12 11:49 - 2016-05-12 11:49 - 00137976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00120384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-05-12 11:49 - 2016-05-12 11:49 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-05-12 11:48 - 2016-05-12 11:48 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-05-12 11:48 - 2016-05-12 11:48 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-05-12 11:48 - 2016-05-12 11:48 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-05-12 11:48 - 2016-05-12 11:48 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-05-12 11:48 - 2016-05-12 11:48 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-05-12 11:48 - 2016-05-12 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-05-12 11:46 - 2016-05-12 11:46 - 07446368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-12 11:46 - 2016-05-12 11:46 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-12 11:46 - 2016-05-12 11:46 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-05-12 11:46 - 2016-05-12 11:46 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-05-12 11:46 - 2016-05-12 11:46 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-12 11:46 - 2016-05-12 11:46 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-05-12 11:46 - 2016-05-12 11:46 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-05-12 11:46 - 2016-05-12 11:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2016-05-12 11:46 - 2016-05-12 11:46 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2016-05-12 11:46 - 2016-05-12 11:46 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2016-05-12 11:46 - 2016-05-12 11:46 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-05-12 11:46 - 2016-05-12 11:46 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-05-12 11:46 - 2016-05-12 11:46 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2016-05-12 11:46 - 2016-05-12 11:46 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2016-05-12 11:46 - 2016-05-12 11:46 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2016-05-12 11:46 - 2016-05-12 11:46 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2016-05-12 11:46 - 2016-05-12 11:46 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2016-05-12 11:46 - 2016-05-12 11:46 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2016-05-12 11:46 - 2016-05-12 11:46 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2016-05-12 11:45 - 2016-05-12 11:45 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-05-12 11:45 - 2016-05-12 11:45 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-05-12 11:45 - 2016-05-12 11:45 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-05-12 11:45 - 2016-05-12 11:45 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-12 11:45 - 2016-05-12 11:45 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-05-12 11:45 - 2016-05-12 11:45 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-05-12 11:45 - 2016-05-12 11:45 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-12 11:45 - 2016-05-12 11:45 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-05-12 11:45 - 2016-05-12 11:45 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-05-12 11:45 - 2016-05-12 11:45 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-05-12 11:45 - 2016-05-12 11:45 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2016-05-12 11:45 - 2016-05-12 11:45 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-05-12 11:45 - 2016-05-12 11:45 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-05-12 11:45 - 2016-05-12 11:45 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2016-05-12 11:45 - 2016-05-12 11:45 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-05-12 11:45 - 2016-05-12 11:45 - 00316760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-05-12 11:45 - 2016-05-12 11:45 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2016-05-12 11:45 - 2016-05-12 11:45 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2016-05-12 11:45 - 2016-05-12 11:45 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-05-12 11:44 - 2016-05-12 11:44 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-05-12 11:44 - 2016-05-12 11:44 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-05-12 11:44 - 2016-05-12 11:44 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-05-12 11:44 - 2016-05-12 11:44 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-05-12 11:44 - 2016-05-12 11:44 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-05-12 11:44 - 2016-05-12 11:44 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2016-05-12 11:44 - 2016-05-12 11:44 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2016-05-12 11:44 - 2016-05-12 11:44 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-05-12 11:44 - 2016-05-12 11:44 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-05-12 11:44 - 2016-05-12 11:44 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-05-12 11:44 - 2016-05-12 11:44 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-05-12 11:44 - 2016-05-12 11:44 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-05-12 11:44 - 2016-05-12 11:44 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2016-05-12 11:44 - 2016-05-12 11:44 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2016-05-12 11:43 - 2016-05-12 11:43 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2016-05-12 11:43 - 2016-05-12 11:43 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2016-05-12 11:42 - 2016-05-12 11:42 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2016-05-12 11:41 - 2016-05-12 11:41 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-05-12 11:41 - 2016-05-12 11:41 - 00000000 ____D C:\Program Files\MSBuild
2016-05-12 11:41 - 2016-05-12 11:41 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-05-12 11:41 - 2016-05-12 11:41 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-05-12 11:40 - 2016-05-12 11:40 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2016-05-12 11:40 - 2016-05-12 11:40 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2016-05-12 11:40 - 2013-08-03 07:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-05-12 11:40 - 2013-08-03 07:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-05-12 03:44 - 2016-05-12 03:44 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-12 03:29 - 2016-05-12 13:32 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-12 03:29 - 2016-05-12 03:29 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-12 03:29 - 2016-05-12 03:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-12 03:15 - 2015-07-30 17:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-12 03:15 - 2015-07-30 16:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-05-12 02:54 - 2014-04-16 02:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2016-05-12 02:53 - 2014-04-16 02:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2016-05-12 02:52 - 2016-05-12 02:52 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-05-12 02:51 - 2015-01-06 06:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2016-05-12 02:51 - 2015-01-06 05:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2016-05-12 02:51 - 2015-01-06 04:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2016-05-12 02:51 - 2015-01-06 04:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2016-05-12 02:40 - 2016-04-04 09:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-12 02:40 - 2016-04-02 16:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-12 02:40 - 2016-04-02 16:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-12 02:40 - 2016-03-28 16:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-12 02:40 - 2016-03-28 16:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-12 02:40 - 2016-03-28 16:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-12 02:40 - 2016-03-28 16:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-12 02:40 - 2016-03-28 16:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-12 02:40 - 2016-03-08 17:44 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-05-12 02:40 - 2015-12-16 20:11 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-05-12 02:40 - 2015-12-16 19:51 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-05-12 02:40 - 2015-10-22 20:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2016-05-12 02:40 - 2015-10-22 20:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2016-05-12 02:40 - 2015-10-22 20:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2016-05-12 02:40 - 2015-10-22 20:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2016-05-12 02:40 - 2015-10-22 19:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2016-05-12 02:40 - 2015-10-22 19:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2016-05-12 02:40 - 2015-10-22 19:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2016-05-12 02:40 - 2015-10-22 19:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2016-05-12 02:40 - 2015-10-22 19:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-05-12 02:40 - 2015-10-22 18:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-05-12 02:40 - 2015-10-22 17:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-05-12 02:40 - 2015-10-22 17:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2016-05-12 02:40 - 2015-06-10 01:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-05-12 02:40 - 2015-06-10 01:39 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-05-12 02:40 - 2015-06-10 01:38 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-12 02:40 - 2015-05-01 04:13 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-05-12 02:40 - 2015-05-01 04:13 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-05-12 02:40 - 2015-05-01 04:13 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-05-12 02:39 - 2016-01-22 08:07 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-05-12 02:39 - 2016-01-22 07:58 - 02464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-05-12 02:34 - 2014-06-10 01:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-05-12 02:34 - 2014-06-10 01:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-05-12 02:27 - 2015-05-12 16:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-05-12 02:20 - 2014-07-24 06:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-05-12 02:20 - 2014-07-24 06:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-05-12 02:19 - 2015-07-14 06:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2016-05-12 02:08 - 2016-05-12 15:13 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-12 02:08 - 2016-05-12 10:46 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-05-12 02:08 - 2016-05-12 02:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-05-12 02:08 - 2016-05-12 02:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-05-12 02:07 - 2016-05-12 14:37 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-12 02:07 - 2016-05-12 02:16 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-12 02:07 - 2016-05-12 02:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-12 02:07 - 2016-05-12 02:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-12 02:07 - 2016-05-12 02:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-12 02:07 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-12 02:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-12 02:06 - 2016-05-12 13:33 - 00000000 ____D C:\Program Files\CCleaner
2016-05-12 02:06 - 2016-05-12 02:06 - 00002768 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-05-12 02:06 - 2016-05-12 02:06 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-05-12 02:06 - 2016-05-12 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-12 02:05 - 2016-05-12 02:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-05-12 02:05 - 2016-05-12 02:04 - 00002148 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-05-12 02:04 - 2016-05-12 15:13 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-05-12 02:04 - 2016-05-12 02:04 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-05-12 02:04 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2016-05-12 02:03 - 2016-05-12 02:57 - 00927640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-05-12 02:03 - 2015-12-06 01:12 - 00227512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-05-12 02:03 - 2015-12-06 01:12 - 00181640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2016-05-12 02:01 - 2016-05-12 02:01 - 00000000 ____D C:\Users\h\Desktop\desktop2
2016-05-12 01:57 - 2016-05-12 15:13 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-05-12 01:57 - 2016-05-12 15:13 - 00000000 __SHD C:\Users\h\IntelGraphicsProfiles
2016-05-12 01:57 - 2016-05-12 01:57 - 00000020 ___SH C:\Users\h\ntuser.ini
2016-05-12 01:53 - 2016-05-12 01:53 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-05-12 01:39 - 2016-05-12 01:39 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-12 01:35 - 2016-05-12 01:35 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-05-12 01:34 - 2016-05-12 01:57 - 00000000 ____D C:\Users\h
2016-05-12 01:34 - 2016-05-12 01:53 - 00020958 _____ C:\WINDOWS\diagwrn.xml
2016-05-12 01:34 - 2016-05-12 01:53 - 00020958 _____ C:\WINDOWS\diagerr.xml
2016-05-12 01:34 - 2016-05-12 01:34 - 00000000 _SHDL C:\Users\h\My Documents
2016-05-12 01:34 - 2016-05-12 01:34 - 00000000 _SHDL C:\Users\h\Documents\My Videos
2016-05-12 01:34 - 2016-05-12 01:34 - 00000000 _SHDL C:\Users\h\Documents\My Pictures
2016-05-12 01:34 - 2016-05-12 01:34 - 00000000 _SHDL C:\Users\h\Documents\My Music
2016-05-12 01:34 - 2014-11-21 07:52 - 00000369 _____ C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-05-12 01:34 - 2014-11-21 07:52 - 00000369 _____ C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-05-12 01:26 - 2016-05-12 01:26 - 00000000 ____D C:\Program Files\Elantech
2016-05-12 01:25 - 2016-05-12 01:36 - 00000000 ____D C:\Program Files (x86)\Intel
2016-05-12 01:25 - 2016-05-12 01:25 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-05-12 01:25 - 2016-05-12 01:25 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-05-12 01:25 - 2016-05-12 01:25 - 00000000 ____D C:\Program Files\Realtek
2016-05-12 01:25 - 2015-08-27 18:20 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-05-12 01:25 - 2015-08-27 18:20 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-05-12 01:24 - 2016-05-12 15:12 - 00017408 _____ C:\WINDOWS\SysWOW64\rpcnetp.dll
2016-05-12 01:23 - 2016-05-12 15:13 - 00017408 _____ C:\WINDOWS\SysWOW64\rpcnetp.exe
2016-05-12 01:23 - 2016-05-12 15:12 - 00029336 _____ C:\WINDOWS\system32\wpbbin.exe
2016-05-12 01:23 - 2016-05-12 15:12 - 00017408 _____ C:\WINDOWS\system32\rpcnetp.exe
2016-05-12 00:12 - 2016-05-12 00:13 - 00894960 _____ C:\Users\h\Downloads\Norton_Removal_Tool.exe
2016-05-11 21:34 - 2016-05-11 21:34 - 00000129 _____ C:\Users\h\Documents\sdecfvgfr.txt
2016-05-11 15:32 - 2016-05-11 15:37 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 15:32 - 2016-05-11 15:32 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 14:57 - 2016-05-11 14:57 - 00000000 _____ C:\Recovery.txt
2016-05-11 14:04 - 2013-05-04 07:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2016-05-11 14:04 - 2013-05-04 07:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2016-05-11 13:09 - 2016-05-11 13:18 - 00000000 ____D C:\Users\h\AppData\Local\Mozilla
2016-05-11 13:09 - 2016-05-11 13:09 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-11 13:09 - 2016-05-11 13:09 - 00000000 ____D C:\Users\h\AppData\Roaming\Mozilla
2016-05-11 13:09 - 2016-05-11 13:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-11 13:08 - 2016-05-11 13:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-11 12:33 - 2016-05-11 12:33 - 00000000 ____D C:\Users\h\AppData\Roaming\No Company Name
2016-05-11 06:17 - 2016-05-12 14:02 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3872551936-1943246106-3439750639-1001
2016-05-11 06:15 - 2016-05-11 06:15 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2016-05-11 06:15 - 2016-05-11 06:15 - 00000000 ____D C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-05-11 06:14 - 2016-05-11 06:14 - 00000000 ____D C:\Users\h\AppData\Local\Samsung
2016-05-11 06:12 - 2016-05-11 12:34 - 00000000 ____D C:\Users\h\Documents\Bluetooth Folder
2016-05-11 06:12 - 2016-05-11 06:12 - 00001202 _____ C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Support Center Toasts.lnk
2016-05-11 06:12 - 2016-05-11 06:12 - 00000000 ____D C:\Users\h\AppData\Roaming\Atheros
2016-05-11 06:12 - 2016-05-11 06:12 - 00000000 ____D C:\Users\h\AppData\Local\BMExplorer
2016-05-11 06:12 - 2016-05-11 06:12 - 00000000 ____D C:\Users\h\AppData\Local\Adobe
2016-05-11 06:12 - 2016-05-11 06:12 - 00000000 ____D C:\Users\h\AppData\Local\Absolute_Software
2016-05-11 06:12 - 2016-05-11 06:12 - 00000000 _____ C:\Users\h\AppData\Roaming\AbsoluteReminder.xml
2016-05-11 06:11 - 2016-05-12 02:25 - 00000000 ____D C:\Users\h\AppData\Local\Packages
2016-05-11 06:11 - 2016-05-11 12:33 - 00000000 ____D C:\Users\h\AppData\Roaming\Adobe
2016-05-11 06:11 - 2016-05-11 06:11 - 00000000 ____D C:\Users\h\AppData\Local\VirtualStore
2016-05-11 06:11 - 2016-05-11 06:11 - 00000000 _____ C:\WINDOWS\system32\Drivers\144D_SAMSUNG_na_530U4E_P05A.mrk
2016-05-11 06:11 - 2012-12-03 05:52 - 121134360 _____ C:\WINDOWS\[0409]New Samsung Series57 ULTRA_eng.scr
2016-05-10 21:58 - 2016-05-10 21:58 - 00000000 __RHD C:\Users\Public\AccountPictures

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-12 15:15 - 2013-02-22 05:21 - 00000000 ____D C:\ProgramData\WinClon
2016-05-12 15:12 - 2013-08-22 17:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-12 15:11 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\system32\setup
2016-05-12 15:11 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-05-12 15:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-12 15:11 - 2013-08-22 16:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-12 14:16 - 2012-07-26 10:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-12 13:54 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-12 13:53 - 2012-07-26 11:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-05-12 13:36 - 2014-11-21 07:44 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-12 13:36 - 2013-02-22 05:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-05-12 12:20 - 2013-08-22 18:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2016-05-12 12:19 - 2013-08-22 18:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-05-12 12:18 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-05-12 12:08 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\WinStore
2016-05-12 12:01 - 2014-11-21 07:20 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-12 11:59 - 2013-08-22 18:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-05-12 11:56 - 2014-11-21 07:34 - 02473472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-05-12 11:54 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-05-12 11:54 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-05-12 11:43 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-05-12 11:35 - 2013-08-22 18:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-12 03:29 - 2014-11-21 15:17 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-05-12 02:57 - 2015-06-06 08:51 - 00077728 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys
2016-05-12 02:52 - 2013-02-22 05:17 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2016-05-12 02:24 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-12 02:04 - 2013-08-22 16:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-12 02:04 - 2013-02-22 05:36 - 00000000 ____D C:\Users\EasySurvey
2016-05-12 02:04 - 2012-07-26 11:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-05-12 02:04 - 2012-07-26 08:37 - 00000000 ____D C:\Users\Default.migrated
2016-05-12 01:57 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\rescache
2016-05-12 01:54 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\Registration
2016-05-12 01:50 - 2013-08-22 18:36 - 00000000 __RSD C:\WINDOWS\Media
2016-05-12 01:50 - 2013-08-22 18:36 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-12 01:41 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-05-12 01:41 - 2013-02-22 05:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2016-05-12 01:41 - 2013-02-22 05:36 - 00000000 ____D C:\WINDOWS\en
2016-05-12 01:41 - 2013-02-22 05:35 - 00000000 ____D C:\WINDOWS\ar
2016-05-12 01:41 - 2013-02-22 05:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2016-05-12 01:41 - 2013-02-22 04:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-05-12 01:38 - 2014-11-21 06:50 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-05-12 01:38 - 2014-11-21 06:50 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-05-12 01:38 - 2014-11-21 06:50 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-05-12 01:38 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-05-12 01:38 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-05-12 01:38 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-05-12 01:38 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-05-12 01:38 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\system32\spool
2016-05-12 01:38 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-05-12 01:38 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\system32\IME
2016-05-12 01:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-05-12 01:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-12 01:38 - 2013-02-22 05:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-05-12 01:36 - 2013-08-22 18:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-05-12 01:36 - 2013-08-22 18:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-05-12 01:36 - 2013-08-22 18:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-05-12 01:36 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\IME
2016-05-12 01:36 - 2013-08-22 18:36 - 00000000 ____D C:\WINDOWS\Help
2016-05-12 01:36 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-12 01:36 - 2012-08-06 00:11 - 00000000 ____D C:\ProgramData\PRICache
2016-05-12 00:32 - 2013-02-22 05:28 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-05-12 00:32 - 2013-02-22 05:27 - 00000000 ____D C:\ProgramData\Norton
2016-05-12 00:32 - 2013-02-22 05:27 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2016-05-12 00:08 - 2014-11-22 01:03 - 00000000 ___HD C:\$Windows.~BT
2016-05-11 23:22 - 2012-07-26 11:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2016-05-11 12:36 - 2013-02-22 04:34 - 00000000 ____D C:\Program Files\Samsung
2016-05-11 12:36 - 2013-02-22 04:34 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-05-11 12:35 - 2013-02-22 05:24 - 00000000 ____D C:\ProgramData\Adobe
2016-05-11 06:25 - 2013-02-22 05:26 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-05-11 06:24 - 2013-02-22 05:34 - 00000000 ____D C:\ProgramData\PopCap Games
2016-05-11 06:23 - 2013-02-22 04:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-11 06:12 - 2013-02-22 06:23 - 00000000 ____D C:\ProgramData\Atheros
2016-05-11 06:11 - 2013-02-21 05:35 - 00000000 ____D C:\WINDOWS\MSetup
2016-05-03 04:15 - 2014-11-21 15:27 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-03 04:15 - 2014-11-21 15:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-05-11 06:12 - 2016-05-11 06:12 - 0000000 _____ () C:\Users\h\AppData\Roaming\AbsoluteReminder.xml
2013-02-22 05:36 - 2013-02-19 10:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-02-22 05:36 - 2013-01-12 17:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-12 01:23

==================== End of FRST.txt ============================

Link to post
Share on other sites

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-05-2016
Ran by h (2016-05-12 15:17:10)
Running from C:\Users\h\Downloads
Windows 8.1 Single Language (X64) (2016-05-11 22:57:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3872551936-1943246106-3439750639-500 - Administrator - Disabled)
Guest (S-1-5-21-3872551936-1943246106-3439750639-501 - Limited - Disabled)
h (S-1-5-21-3872551936-1943246106-3439750639-1001 - Administrator - Enabled) => C:\Users\h

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare X64 11.7.8.5_WHQL (HKLM\...\Elantech) (Version: 11.7.8.5 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{196E43FB-929D-4838-B859-BF27557A6CA0}) (Version: 1.0.98.0 - Condusiv Technologies)
Fast Flash Sleep Resume (x32 Version: 1.1.2 - Samsung) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Malwarebytes Anti-Exploit version 1.8.1.1196 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1196 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1 - Mozilla)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6818 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39036 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.4 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.0 - Samsung Electronics CO., LTD.) Hidden
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.2600 - DTS, Inc.)
Support Center FAQ (x32 Version: 1.0.8 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{DC4F83F3-CAF0-4347-97A4-D6B43D7E34F0}) (Version: 2.1.7 - Samsung Electronics CO., LTD.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3872551936-1943246106-3439750639-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00C6BCEC-64CC-4D0A-8BDD-F75170E39A12} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2013-01-14] (Samsung Electronics CO., LTD.)
Task: {2150A38F-D34C-40AE-8D17-97DBDD5A52D0} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2014-11-21] (Microsoft Corporation)
Task: {35A55691-8159-44FA-A6D4-763F4D765673} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\WSCStub.exe
Task: {478DD5AD-DCEE-4002-9236-864F730CA693} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {8BE5FA32-E57E-43D0-9AF8-3FFD9DCED1CA} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\SymErr.exe
Task: {905EF217-1E49-47B6-8F69-025B0F233116} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-01-03] (Samsung Electronics CO., LTD.)
Task: {9540B56E-963F-4665-B070-5EE0DE62CDE9} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\SymErr.exe
Task: {AE163249-FAB0-40CC-8086-A1D4E842C0AE} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-19] (Intel)
Task: {B0EFEA25-42C0-4FA1-8468-49025CD2104E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {B7EBA249-85CA-40CD-BE00-15EBA9244A2B} - System32\Tasks\FFSRConfigurer => C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe [2013-01-03] (Samsung)
Task: {CB93FCEE-3CED-41AD-85D1-B92A223B2FF5} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {D1AC87BC-A78D-4FB7-94DF-19D9C190320F} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-01-14] (SEC)
Task: {D7827568-3358-4BCF-B870-021AA20CB212} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-05-12 01:23 - 2016-05-12 15:12 - 00017408 _____ () C:\WINDOWS\System32\rpcnetp.exe
2013-01-14 06:13 - 2013-01-14 06:13 - 00085040 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2012-10-31 14:57 - 2012-10-31 14:57 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-10-31 14:55 - 2012-10-31 14:55 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-10-31 14:57 - 2012-10-31 14:57 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-05-04 22:25 - 2015-05-04 22:25 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2013-01-03 12:01 - 2013-01-03 12:01 - 00022528 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2013-01-14 06:13 - 2013-01-14 06:13 - 00029232 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2013-01-14 06:13 - 2013-01-14 06:13 - 01081904 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2013-01-14 06:13 - 2013-01-14 06:13 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2013-01-14 06:13 - 2013-01-14 06:13 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2013-01-14 06:13 - 2013-01-14 06:13 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2013-01-14 06:13 - 2013-01-14 06:13 - 00027184 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2013-01-14 06:13 - 2013-01-14 06:13 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2013-01-14 06:13 - 2013-01-14 06:13 - 00060976 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2013-01-14 06:13 - 2013-01-14 06:13 - 00103472 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-02-22 05:14 - 2012-06-25 21:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 16:25 - 2013-08-22 16:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3872551936-1943246106-3439750639-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Samsung\Samsung_wallpaper.jpg
DNS Servers: 93.115.85.210 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DCA9A372-73C7-4D33-B0CA-72BC31622A07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5369C3D6-8D4E-4577-B65F-2D94024C1F24}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{91191B56-38BD-438E-B4CF-747C52272BBB}] => (Allow) LPort=1900
FirewallRules: [{D000ABBC-8ABB-4033-A330-8F88E454AC73}] => (Allow) LPort=2869
FirewallRules: [{BFA56CDC-9A03-4E6B-A6B2-DE670D5759DC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

==================== Restore Points =========================

12-05-2016 02:46:50 Windows Update

==================== Faulty Device Manager Devices =============

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WebCam SC-10HDP12631N
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: IWD Bus Enumerator
Description: IWD Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: iwdbus
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3227U CPU @ 1.90GHz
Percentage of memory in use: 68%
Total physical RAM: 3977.83 MB
Available physical RAM: 1270.09 MB
Total Virtual: 5385.84 MB
Available Virtual: 2260.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:441.93 GB) (Free:378.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B01D1FAF)

Partition: GPT.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 517CD6B4)

Partition: GPT.

==================== End of Addition.txt ============================

Link to post
Share on other sites

  • 4 weeks later...
  • Root Admin

We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you.Thank you and sorry we missed your topic.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.