Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Mysearch maleware issue [Solved]

Started by ttsstr5 , Feb 23 2016 10:29 AM

This topic is locked

#1
ttsstr5

Posted 23 February 2016 - 10:29 AM

Member

Member
40 posts

Mysearch has hijacked my IE browser. I have looked for a toolbar to remove & in the add/remove programs, I can't find a way to get rid of it. I have stopped all the pop-ups from appearing but I still can not get my start page to stay as what I make it.

Windows 10 64-bit OS

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
Ran by Brandu (administrator) on BRANDY (23-02-2016 10:23:01)
Running from C:\Users\Brandu\Desktop
Loaded Profiles: Brandu (Available Profiles: Brandu)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Users\Brandu\AppData\Local\Torch\Application\torch.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(TorchMedia Inc.) C:\Users\Brandu\AppData\Local\Torch\Update\TorchCrashHandler.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\nav.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\nav.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(CenturyLink Inc) C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe
() C:\Users\Brandu\Downloads\AutoClicker.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46051.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46051.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files (x86)\Claire Buddy Pogo\Claire buddy.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(LastPass) C:\Users\Brandu\AppData\LocalLow\LastPass\LastPassBroker.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [CenturyLinkTouchPointAgent] => C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe [48616 2015-07-21] (CenturyLink Inc)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2016-02-23]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-02-23]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{cf9563d8-7232-4fce-b244-326132119b56}: [DhcpNameServer] 192.168.0.1 205.171.2.25

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2406282524-2505965915-1096584995-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.pogo.com/
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-02-23] (LastPass)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-11] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-02-23] (LastPass)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-11] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-02-23] (LastPass)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-02-23] (LastPass)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2406282524-2505965915-1096584995-1001 -> hxxp://www.pogo.com/

FireFox:
========
FF ProfilePath: C:\Users\Brandu\AppData\Roaming\Mozilla\Firefox\Profiles\d9jq46tx.default
FF DefaultSearchEngine.US: Google
FF Homepage: www.facebook.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-02-23] (LastPass)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-02-23] (LastPass)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2406282524-2505965915-1096584995-1001: TorchVLC -> C:\Users\Brandu\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll [2015-11-02] (VideoLAN)
FF Extension: LastPass - C:\Users\Brandu\AppData\Roaming\Mozilla\Firefox\Profiles\d9jq46tx.default\extensions\[email protected] [2016-02-04]
FF Extension: Snap Links Plus - C:\Users\Brandu\AppData\Roaming\Mozilla\Firefox\Profiles\d9jq46tx.default\extensions\[email protected] [2016-02-16]
FF Extension: OneTab - C:\Users\Brandu\AppData\Roaming\Mozilla\Firefox\Profiles\d9jq46tx.default\Extensions\[email protected] [2016-02-18]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.2.15\coFFAddon [2016-02-22] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.2.15\coFFAddon

Chrome:
=======
CHR HomePage: Default -> hxxps://www.facebook.com/
CHR StartupUrls: Default -> "hxxps://www.facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=U312DF&PC=U312&q={searchTerms}
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-21]
CHR Extension: (Google Docs) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-21]
CHR Extension: (Google Drive) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (UCut.it - Simplifying URL sharing) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcpcmfbnomejoedffciddejmhbanocid [2016-02-21]
CHR Extension: (Click Trap Remover, Shortlinker and POD post) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfkpgpnhpamnbamgbpdhegjehippjdgd [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (eBay) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2016-02-21]
CHR Extension: (Dirt Farmer's Farmville Toolbar) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccncmkflkdcckehapobbkeijklnapnpg [2016-02-21]
CHR Extension: (Adblock Plus) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-21]
CHR Extension: (Google Search) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Tampermonkey) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-02-21]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2016-02-21]
CHR Extension: (Gmail Offline) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2016-02-21]
CHR Extension: (Google Sheets) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-21]
CHR Extension: (PogoCheats Bot Helper) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjkloikadaafjolfnhhiogalghodfkmf [2016-02-22]
CHR Extension: (Google Docs Offline) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-22]
CHR Extension: (Fen Info Game Zynga) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdnhjldehjmcholedfabijdddfhohco [2016-02-21]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-02-21]
CHR Extension: (Dirt Farmer's Click Trap Remover) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgpkdoghndaeolkpcikaieakkfjnall [2016-02-21]
CHR Extension: (Excel Online) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2016-02-21]
CHR Extension: (Dropbox) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-02-21]
CHR Extension: (LiveBinders) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kagfdmflaniigokendelkpbijalfmehd [2016-02-21]
CHR Extension: (eBay for Chrome) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2016-02-21]
CHR Extension: (Motorola Connect) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigmoblgooahdmdibodmcnffgnejlndh [2016-02-21]
CHR Extension: (Google Hangouts) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2016-02-21]
CHR Extension: (Linkclump) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2016-02-21]
CHR Extension: (F.B Purity-Clean Up Facebook) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2016-02-21]
CHR Extension: (Kuroko) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffcgmdpbedknikgafaggdmhlpjefkpc [2016-02-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-21]
CHR Extension: (Bing) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgaflfnfknmefgjhlgkohmpekighhdi [2016-02-22]
CHR Extension: (Free Fax in the US, Canada) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiidojdnglaafokickcabfmfhpkhdcgp [2016-02-21]
CHR Extension: (OneClick Cleaner for Chrome) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh [2016-02-21]
CHR Extension: (One Window) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\papnlnnbddhckngcblfljaelgceffobn [2016-02-21]
CHR Extension: (Click&Clean App) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2016-02-22]
CHR Extension: (Gmail) - C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\Exts\Chrome.crx [2016-02-21]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\Exts\Chrome.crx [2016-02-21]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329264 2015-07-26] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\NAV.exe [282016 2015-11-20] (Symantec Corporation)
R2 TorchCrashHandler; C:\Users\Brandu\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217400 2015-12-26] (TorchMedia Inc.) <==== ATTENTION
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\BASHDefs\20160213.003\BHDrvx64.sys [1665608 2016-02-12] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1605050.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2016-02-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2016-02-21] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\IPSDefs\20160222.001\IDSvia64.sys [767224 2016-02-19] (Symantec Corporation)
R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34408 2013-09-27] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-26] (Intel Corporation)
R3 mwlu97w8; C:\Windows\System32\drivers\mwlu97w8x64.sys [1602560 2015-10-30] (Marvell Semiconductors, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\VirusDefs\20160222.033\ENG64.SYS [138488 2016-02-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\VirusDefs\20160222.033\EX64.SYS [2148080 2016-02-21] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1605050.00F\SRTSP64.SYS [928496 2015-11-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1605050.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R3 SurfaceAccessoryDevice; C:\Windows\System32\drivers\SurfaceAccessoryDevice.sys [1624344 2015-07-26] (Microsoft Corporation)
R3 SurfaceTypeCover; C:\Windows\System32\drivers\SurfaceTypeCover.sys [37960 2013-09-13] (Microsoft Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1605050.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2016-02-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1605050.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1605050.00F\SYMNETS.SYS [577768 2015-11-11] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 10:23 - 2016-02-23 10:23 - 00021730 _____ C:\Users\Brandu\Desktop\FRST.txt
2016-02-23 10:22 - 2016-02-23 10:23 - 00000000 ____D C:\FRST
2016-02-23 10:09 - 2016-02-23 10:22 - 02371072 _____ (Farbar) C:\Users\Brandu\Desktop\FRST64.exe
2016-02-23 09:24 - 2016-02-23 09:24 - 00001152 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk
2016-02-23 09:24 - 2016-02-23 09:24 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2016-02-23 09:24 - 2016-02-23 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2016-02-23 09:24 - 2016-02-23 09:24 - 00000000 ____D C:\Program Files (x86)\LastPass
2016-02-23 09:12 - 2016-02-23 09:23 - 21405208 _____ (LastPass) C:\Users\Brandu\Downloads\lastpass_x64.exe
2016-02-23 08:54 - 2016-02-23 09:44 - 00000000 ____D C:\Program Files (x86)\Claire Buddy Pogo
2016-02-22 22:01 - 2016-02-23 08:01 - 00000000 ____D C:\Program Files (x86)\Addiction Buddy Pogo
2016-02-22 21:32 - 2016-02-22 21:33 - 00000000 ____D C:\Program Files (x86)\Flower Days Buddy Pogo
2016-02-22 20:16 - 2016-02-22 21:32 - 00000000 ____D C:\Program Files (x86)\Makeover Buddy Pogo
2016-02-22 16:43 - 2016-02-22 16:43 - 00000000 ____D C:\Program Files (x86)\Peggle Slots Buddy Pogo
2016-02-22 16:26 - 2016-02-22 16:26 - 00000000 ____D C:\Users\Brandu\AppData\LocalLow\Temp
2016-02-22 13:53 - 2016-02-22 13:53 - 00000000 ____D C:\Program Files (x86)\MahjEsc Buddy Pogo
2016-02-22 07:44 - 2016-02-23 05:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus
2016-02-21 22:28 - 2016-02-22 16:56 - 00000000 ____D C:\Program Files (x86)\Lotso Buddy Pogo
2016-02-21 22:28 - 2016-02-21 22:28 - 00000000 ____D C:\Program Files (x86)\Lotso Xpress Buddy Pogo
2016-02-21 22:25 - 2016-02-21 22:25 - 00000000 ____D C:\Program Files (x86)\Canasta Buddy Pogo
2016-02-21 22:23 - 2016-02-23 08:54 - 00000000 ____D C:\Users\Brandu\Desktop\PlayBuddy
2016-02-21 20:49 - 2016-02-21 20:58 - 00000000 ____D C:\Program Files (x86)\Mahjong Safari Buddy Pogo
2016-02-21 20:32 - 2016-02-22 18:55 - 00000000 ____D C:\Program Files (x86)\MahJGar Buddy Pogo
2016-02-21 14:46 - 2016-02-21 14:47 - 00000000 ____D C:\Users\Brandu\Desktop\Gameotter
2016-02-21 14:28 - 2016-02-21 16:18 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\AweSEM
2016-02-21 13:53 - 2016-02-21 13:53 - 00000000 ____D C:\ProgramData\eSellerate
2016-02-21 13:07 - 2016-02-21 13:07 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch Apps
2016-02-21 13:03 - 2016-02-23 07:43 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2016-02-21 13:03 - 2016-02-21 21:44 - 00001378 _____ C:\Users\Brandu\Desktop\Torch.lnk
2016-02-21 13:03 - 2016-02-21 13:04 - 00001386 _____ C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2016-02-21 13:02 - 2016-02-21 13:03 - 00000000 ____D C:\Users\Brandu\AppData\Local\Torch
2016-02-21 12:55 - 2016-02-23 09:45 - 00000000 ____D C:\Users\Brandu\AppData\Local\CrashDumps
2016-02-21 12:05 - 2016-02-23 10:23 - 00000000 ____D C:\ProgramData\TEMP
2016-02-21 12:05 - 2016-02-23 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play Buddy
2016-02-21 12:05 - 2016-02-21 13:53 - 00000000 ____D C:\Program Files (x86)\Pegland Buddy Pogo
2016-02-21 11:46 - 2016-02-22 07:39 - 00003388 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2016-02-21 11:46 - 2016-02-22 07:39 - 00002413 _____ C:\Users\Public\Desktop\Norton AntiVirus Online.LNK
2016-02-21 11:46 - 2016-02-21 11:46 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2016-02-21 11:46 - 2016-02-21 11:46 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2016-02-21 11:46 - 2016-02-21 11:46 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-02-21 11:45 - 2016-02-22 07:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus Online
2016-02-21 11:45 - 2016-02-22 07:39 - 00000000 ____D C:\WINDOWS\system32\Drivers\NAVx64
2016-02-21 11:45 - 2016-02-21 11:46 - 00000000 ____D C:\ProgramData\Norton
2016-02-21 11:45 - 2016-02-21 11:45 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-02-21 11:45 - 2016-02-21 11:45 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-02-21 11:45 - 2016-02-21 11:45 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus
2016-02-21 11:40 - 2016-02-21 11:40 - 00000148 _____ C:\Users\Brandu\Desktop\CenturyLink PC Services.url
2016-02-21 11:33 - 2016-02-21 11:37 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\PCHC
2016-02-21 11:33 - 2016-02-21 11:33 - 00000000 ____D C:\ProgramData\PCHC
2016-02-21 11:29 - 2016-02-21 11:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-21 11:29 - 2016-02-21 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CenturyLink
2016-02-21 11:29 - 2016-02-21 11:29 - 00000000 ____D C:\ProgramData\CenturyLink
2016-02-21 11:29 - 2016-02-21 11:29 - 00000000 ____D C:\Program Files (x86)\Qwest
2016-02-21 11:29 - 2016-02-21 11:29 - 00000000 ____D C:\Program Files (x86)\CenturyLink
2016-02-21 10:09 - 2016-02-23 09:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-21 10:08 - 2016-02-23 01:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-21 10:08 - 2016-02-21 10:08 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-21 10:08 - 2016-02-21 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-21 10:08 - 2016-02-21 10:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-21 10:08 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-21 10:08 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-21 10:08 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-21 09:54 - 2016-02-21 09:54 - 00000000 _____ C:\autoexec.bat
2016-02-21 09:43 - 2016-02-21 13:00 - 00000000 ____D C:\AdwCleaner
2016-02-21 09:43 - 2016-02-21 09:43 - 01511424 _____ C:\Users\Brandu\Desktop\AdwCleaner.exe
2016-02-21 09:17 - 2016-02-21 09:17 - 00187904 _____ C:\WINDOWS\rsrcs.dll
2016-02-20 23:16 - 2016-02-20 23:16 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\WinRAR
2016-02-20 23:15 - 2016-02-20 23:15 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-20 23:15 - 2016-02-20 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-20 23:15 - 2016-02-20 23:15 - 00000000 ____D C:\Program Files\WinRAR
2016-02-17 13:27 - 2016-02-17 13:27 - 00000000 ____D C:\Users\Brandu\Documents\2016_02_17
2016-02-17 13:16 - 2016-02-17 13:25 - 07837268 _____ C:\Users\Brandu\Documents\IMG_20160217_0002.pdf
2016-02-17 13:14 - 2016-02-17 13:17 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2016-02-17 13:14 - 2016-02-17 13:14 - 00568116 _____ C:\Users\Brandu\Documents\IMG_20160217_0001.pdf
2016-02-17 13:10 - 2016-02-17 13:10 - 00000000 ___HD C:\ProgramData\CanonIJScan
2016-02-17 13:09 - 2016-02-17 13:14 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\Canon
2016-02-17 13:08 - 2014-03-18 05:00 - 00408576 _____ (CANON INC.) C:\WINDOWS\system32\CNMXLMCB.DLL
2016-02-17 13:07 - 2016-02-17 13:07 - 00000000 ____D C:\WINDOWS\system32\STRING
2016-02-17 13:07 - 2016-02-17 13:07 - 00000000 ____D C:\Users\Brandu\AppData\LocalLow\Canon Easy-WebPrint EX2
2016-02-17 13:07 - 2016-02-17 13:07 - 00000000 ____D C:\Users\Brandu\AppData\LocalLow\Canon Easy-WebPrint EX
2016-02-17 13:07 - 2016-02-17 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2900 series User Registration
2016-02-17 13:07 - 2016-02-17 13:07 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2016-02-17 13:07 - 2014-03-17 19:15 - 00380928 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2016-02-17 13:07 - 2014-03-17 19:15 - 00375296 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2016-02-17 13:07 - 2014-03-17 19:15 - 00039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2016-02-17 13:07 - 2014-01-21 13:15 - 00336896 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_CBL.dll
2016-02-17 13:07 - 2013-12-02 09:57 - 00088320 _____ C:\WINDOWS\SysWOW64\CNC1780D.TBL
2016-02-17 13:07 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2016-02-17 13:06 - 2016-02-17 13:06 - 00002105 _____ C:\Users\Public\Desktop\Canon Quick Menu.lnk
2016-02-17 13:06 - 2016-02-17 13:06 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2016-02-17 13:04 - 2016-02-17 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-02-17 13:04 - 2016-02-17 13:07 - 00000000 ____D C:\Program Files\Canon
2016-02-17 13:04 - 2016-02-17 13:04 - 00000000 ___HD C:\Program Files\CanonBJ
2016-02-17 12:53 - 2016-02-17 13:09 - 00000000 ____D C:\Program Files (x86)\Canon
2016-02-17 12:26 - 2016-02-17 12:26 - 00000000 ____D C:\ProgramData\A-PDF
2016-02-16 22:05 - 2016-02-16 22:04 - 00006762 ___RT C:\Users\Brandu\Documents\Children in the Middle
2016-02-11 23:07 - 2016-02-23 01:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-11 09:46 - 2016-02-19 18:54 - 00231424 _____ C:\Users\Brandu\Documents\FarmReport.db
2016-02-11 09:46 - 2016-02-11 09:46 - 00000000 ____D C:\Users\Brandu\.credentials
2016-02-11 09:42 - 2016-02-11 09:42 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\Sun
2016-02-11 09:42 - 2016-02-11 09:42 - 00000000 ____D C:\Users\Brandu\AppData\LocalLow\Sun
2016-02-11 09:42 - 2016-02-11 09:42 - 00000000 ____D C:\Users\Brandu\.oracle_jre_usage
2016-02-11 09:41 - 2016-02-11 09:42 - 00000000 ____D C:\ProgramData\Oracle
2016-02-11 09:41 - 2016-02-11 09:41 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-11 09:41 - 2016-02-11 09:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-11 09:41 - 2016-02-11 09:41 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-11 09:40 - 2016-02-11 09:40 - 00000000 ____D C:\Users\Brandu\AppData\LocalLow\Oracle
2016-02-11 09:34 - 2016-02-11 09:36 - 10424489 _____ C:\Users\Brandu\Desktop\Farm Report.jar
2016-02-09 18:30 - 2016-02-17 18:04 - 00000000 ____D C:\Users\Brandu\Desktop\Terry Divorce
2016-02-09 18:18 - 2016-01-29 00:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 18:18 - 2016-01-29 00:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 18:18 - 2016-01-27 00:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-09 18:18 - 2016-01-27 00:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-09 18:18 - 2016-01-27 00:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-09 18:18 - 2016-01-26 23:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-09 18:18 - 2016-01-26 23:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-09 18:18 - 2016-01-26 23:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 18:18 - 2016-01-26 23:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-09 18:18 - 2016-01-26 23:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-09 18:18 - 2016-01-26 23:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-09 18:18 - 2016-01-26 23:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-09 18:18 - 2016-01-26 23:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-09 18:18 - 2016-01-26 23:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-09 18:18 - 2016-01-26 23:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-09 18:18 - 2016-01-26 23:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-09 18:18 - 2016-01-26 23:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 18:18 - 2016-01-26 22:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-09 18:18 - 2016-01-26 22:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-09 18:18 - 2016-01-26 22:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-09 18:18 - 2016-01-26 22:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 18:18 - 2016-01-26 22:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-09 18:18 - 2016-01-26 22:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 18:18 - 2016-01-26 22:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-09 18:18 - 2016-01-26 22:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 18:18 - 2016-01-26 22:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-09 18:18 - 2016-01-26 22:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-09 18:18 - 2016-01-26 22:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 18:18 - 2016-01-26 22:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-09 18:18 - 2016-01-26 22:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-09 18:18 - 2016-01-26 22:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-09 18:18 - 2016-01-26 22:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 18:17 - 2016-01-27 00:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 18:17 - 2016-01-27 00:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 18:17 - 2016-01-26 23:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 18:17 - 2016-01-26 23:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-09 18:17 - 2016-01-26 23:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 18:17 - 2016-01-26 23:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 18:17 - 2016-01-26 23:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 18:17 - 2016-01-26 23:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 18:17 - 2016-01-26 23:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 18:17 - 2016-01-26 23:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 18:17 - 2016-01-26 23:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 18:17 - 2016-01-26 23:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 18:17 - 2016-01-26 23:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 18:17 - 2016-01-26 23:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 18:17 - 2016-01-26 23:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-09 18:17 - 2016-01-26 23:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-09 18:17 - 2016-01-26 23:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 18:17 - 2016-01-26 23:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 18:17 - 2016-01-26 23:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 18:17 - 2016-01-26 23:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 18:17 - 2016-01-26 23:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 18:17 - 2016-01-26 23:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-09 18:17 - 2016-01-26 23:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-09 18:17 - 2016-01-26 23:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 18:17 - 2016-01-26 23:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-09 18:17 - 2016-01-26 23:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 18:17 - 2016-01-26 22:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 18:17 - 2016-01-26 22:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 18:17 - 2016-01-26 22:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-09 18:17 - 2016-01-26 22:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-09 18:17 - 2016-01-26 22:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 18:17 - 2016-01-26 22:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 18:17 - 2016-01-26 22:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-09 16:25 - 2016-02-19 01:40 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-09 16:25 - 2016-02-09 16:25 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-02-09 16:25 - 2016-02-09 16:25 - 00002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-02-09 16:25 - 2016-02-09 16:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-09 16:24 - 2016-02-09 18:58 - 00000000 ____D C:\ProgramData\Adobe
2016-02-09 15:44 - 2016-02-22 16:26 - 00000000 ____D C:\Users\Brandu\Desktop\Brandy Divorce
2016-02-04 15:07 - 2016-02-23 05:04 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0E69BCE0-533F-495E-AA4A-12857ACB4397}
2016-02-04 15:07 - 2016-02-04 15:07 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-02-04 09:36 - 2016-02-04 09:36 - 00000000 ____D C:\Users\Brandu\AppData\Local\Macromedia
2016-02-04 09:32 - 2016-02-23 10:23 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-04 09:32 - 2016-02-09 19:23 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-02-04 09:31 - 2016-02-09 17:12 - 00000000 ____D C:\Users\Brandu\AppData\Local\Adobe
2016-02-04 09:24 - 2016-02-04 09:24 - 00784707 _____ C:\Users\Brandu\Downloads\AutoClicker.exe
2016-02-04 09:24 - 2016-02-04 09:24 - 00000000 ____D C:\Users\Brandu\Documents\AutomaticSolution Software
2016-02-04 09:14 - 2016-02-23 10:09 - 00000000 ____D C:\Users\Brandu\AppData\LocalLow\LastPass
2016-02-04 09:08 - 2016-02-21 09:47 - 00001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-04 09:08 - 2016-02-12 18:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-04 09:08 - 2016-02-04 09:14 - 00000000 ____D C:\Users\Brandu\AppData\Local\Mozilla
2016-02-04 09:08 - 2016-02-04 09:08 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\Mozilla
2016-02-04 08:53 - 2016-02-21 13:02 - 00000000 ____D C:\Users\Brandu\Downloads\Farmbuck Trainer V 5.2
2016-02-04 08:53 - 2016-02-04 08:53 - 00000000 ____D C:\Users\Brandu\Documents\My Cheat Tables
2016-02-04 08:52 - 2014-03-30 19:21 - 03345312 _____ C:\Users\Brandu\Downloads\Farmbuck Trainer V 5.2.zip
2016-02-03 21:16 - 2016-02-03 21:16 - 00000000 ____D C:\Users\Brandu\Tracing
2016-02-03 21:14 - 2016-02-04 15:07 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\Skype
2016-02-03 21:13 - 2016-02-04 15:07 - 00000000 ____D C:\ProgramData\Skype
2016-02-01 01:08 - 2016-02-01 01:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-01-31 13:54 - 2016-01-31 13:54 - 00000000 ____D C:\Users\Brandu\AppData\Local\PeerDistRepub
2016-01-31 13:39 - 2016-02-23 09:24 - 00000000 ____D C:\faceBot_Extreme
2016-01-31 13:39 - 2016-01-31 18:31 - 00000736 _____ C:\Users\Public\Desktop\faceBot Extreme.lnk
2016-01-31 13:39 - 2016-01-31 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\faceBot Extreme
2016-01-31 10:23 - 2016-01-31 10:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SensorsHid_02_15_00.Wdf
2016-01-31 10:23 - 2016-01-31 10:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-01-31 10:23 - 2016-01-31 10:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LcUvcUpper_01011.Wdf
2016-01-31 10:15 - 2016-01-31 10:15 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-31 10:14 - 2016-01-31 10:14 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\RadicalLinux Developments
2016-01-31 09:29 - 2016-01-31 09:30 - 17781878 _____ C:\Users\Brandu\Downloads\Rainbows.themepack
2016-01-31 09:24 - 2016-02-04 08:25 - 00000000 ____D C:\Users\Brandu\AppData\Local\MicrosoftEdge
2016-01-31 01:21 - 2016-01-31 01:21 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-01-31 01:21 - 2016-01-31 01:21 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-01-31 01:21 - 2016-01-31 01:21 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-31 01:21 - 2016-01-31 01:21 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-31 01:21 - 2016-01-31 01:21 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-31 01:21 - 2016-01-31 01:21 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-31 01:21 - 2016-01-31 01:21 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-31 01:21 - 2016-01-31 01:21 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-31 01:21 - 2016-01-31 01:21 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-31 01:21 - 2016-01-31 01:21 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-31 01:21 - 2016-01-31 01:21 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-31 01:21 - 2016-01-31 01:21 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-31 01:21 - 2016-01-31 01:21 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-31 01:21 - 2016-01-31 01:21 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-01-31 01:21 - 2016-01-31 01:21 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-01-31 01:21 - 2016-01-31 01:21 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-31 01:21 - 2016-01-31 01:21 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-31 01:21 - 2016-01-31 01:21 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-31 01:21 - 2016-01-31 01:21 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-31 01:21 - 2016-01-31 01:21 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-31 01:21 - 2016-01-31 01:21 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-31 01:21 - 2016-01-31 01:21 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-01-31 01:21 - 2016-01-31 01:21 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-01-31 01:12 - 2016-01-31 01:12 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-01-30 23:38 - 2016-01-30 23:38 - 00000000 ____D C:\Users\Brandu\AppData\Local\NetworkTiles
2016-01-30 23:37 - 2016-02-04 23:38 - 00002377 _____ C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-30 23:37 - 2016-01-30 23:37 - 00000000 ____D C:\Users\Brandu\AppData\Local\ActiveSync
2016-01-30 23:37 - 2016-01-30 23:37 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-01-30 23:35 - 2016-01-31 13:56 - 00000000 ____D C:\Users\Brandu\AppData\Local\Comms
2016-01-30 23:35 - 2016-01-30 23:35 - 00000020 ___SH C:\Users\Brandu\ntuser.ini
2016-01-30 23:35 - 2016-01-30 23:35 - 00000000 ____D C:\Users\Brandu\AppData\Local\TileDataLayer
2016-01-30 23:35 - 2016-01-30 23:35 - 00000000 ____D C:\Users\Brandu\AppData\Local\Publishers
2016-01-30 23:33 - 2016-02-23 09:27 - 00834360 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-30 23:32 - 2016-01-30 23:32 - 00000000 _SHDL C:\Users\Default\My Documents
2016-01-30 23:32 - 2016-01-30 23:32 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-01-30 23:32 - 2016-01-30 23:32 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-01-30 23:32 - 2016-01-30 23:32 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-01-30 23:32 - 2016-01-30 23:32 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-01-30 23:32 - 2016-01-30 23:32 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-01-30 23:32 - 2016-01-30 23:32 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-01-30 23:32 - 2016-01-30 23:32 - 00000000 ____D C:\ProgramData\USOShared
2016-01-30 23:30 - 2016-02-22 07:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-30 23:28 - 2016-01-30 23:28 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-30 23:28 - 2016-01-30 23:28 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-01-30 23:28 - 2015-10-30 01:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-01-30 23:27 - 2016-02-21 13:00 - 00000000 ____D C:\Users\Brandu
2016-01-30 23:27 - 2016-01-30 23:27 - 00000000 _SHDL C:\Users\Brandu\My Documents
2016-01-30 23:27 - 2016-01-30 23:27 - 00000000 _SHDL C:\Users\Brandu\Documents\My Videos
2016-01-30 23:27 - 2016-01-30 23:27 - 00000000 _SHDL C:\Users\Brandu\Documents\My Pictures
2016-01-30 23:27 - 2016-01-30 23:27 - 00000000 _SHDL C:\Users\Brandu\Documents\My Music
2016-01-30 23:26 - 2016-01-31 07:37 - 00000000 ____D C:\WINDOWS\Firmware
2016-01-30 23:26 - 2016-01-30 23:26 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2016-01-30 23:26 - 2016-01-30 23:26 - 00000000 ____D C:\Program Files\Intel
2016-01-30 23:26 - 2016-01-30 23:26 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam
2016-01-30 23:26 - 2015-07-26 04:37 - 00073344 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-01-30 23:26 - 2012-07-02 16:16 - 00062784 ____R (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys
2016-01-30 23:25 - 2016-01-30 23:29 - 00199712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-30 15:28 - 2016-01-30 15:28 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2016-01-30 15:20 - 2016-01-30 15:20 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2016-01-30 15:03 - 2016-01-30 15:03 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-30 15:01 - 2016-01-30 15:01 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00000000 ____D C:\ESD
2016-01-30 13:58 - 2016-01-30 13:58 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-01-30 13:51 - 2016-01-30 13:51 - 00000000 ___HD C:\$Windows.~WS
2016-01-30 13:43 - 2016-02-13 17:12 - 00000000 __RDO C:\Users\Brandu\OneDrive
2016-01-30 13:38 - 2016-01-30 23:30 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-01-30 13:35 - 2016-01-30 23:31 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-01-30 13:35 - 2016-01-30 23:31 - 00009528 _____ C:\WINDOWS\diagerr.xml
2016-01-30 13:31 - 2016-01-30 13:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SensorsServiceDriver_01_11_00.Wdf
2016-01-30 13:31 - 2016-01-30 13:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SensorsHIDClassDriver_01_11_00.Wdf
2016-01-30 10:12 - 2015-12-08 21:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-01-30 08:52 - 2016-02-21 10:56 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-01-30 08:51 - 2016-02-21 09:17 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-30 08:51 - 2016-02-21 09:17 - 00002447 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-30 08:49 - 2016-02-23 09:54 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-30 08:49 - 2016-02-23 08:54 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-30 08:49 - 2016-01-30 23:30 - 00003280 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-30 08:49 - 2016-01-30 23:30 - 00003052 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-30 08:49 - 2016-01-30 14:28 - 00000000 ____D C:\Users\Brandu\AppData\Local\Google
2016-01-30 08:49 - 2016-01-30 08:50 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-30 08:14 - 2016-01-30 08:14 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-30 00:10 - 2016-01-30 23:30 - 00002752 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2406282524-2505965915-1096584995-1001
2016-01-30 00:00 - 2016-01-30 13:41 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-01-30 00:00 - 2016-01-30 00:00 - 00000244 _____ C:\WINDOWS\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
2016-01-29 23:13 - 2016-01-29 23:13 - 00000000 ____D C:\WINDOWS\SysWOW64\0C0A
2016-01-29 23:13 - 2016-01-29 23:13 - 00000000 ____D C:\WINDOWS\SysWOW64\040C
2016-01-29 23:13 - 2016-01-29 23:13 - 00000000 ____D C:\WINDOWS\system32\0C0A
2016-01-29 23:13 - 2016-01-29 23:13 - 00000000 ____D C:\WINDOWS\system32\040C
2016-01-29 22:28 - 2016-01-29 23:13 - 00000000 ____D C:\sources
2016-01-29 22:26 - 2016-01-29 22:26 - 00000000 ____D C:\Program Files (x86)\Intel
2016-01-29 20:13 - 2016-02-21 11:33 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-29 20:13 - 2016-02-09 18:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-29 20:04 - 2016-01-29 20:04 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-01-29 20:04 - 2014-03-18 05:00 - 00406016 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMCB.DLL

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 09:27 - 2015-10-30 01:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-22 21:16 - 2015-10-30 01:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-22 21:16 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-22 07:39 - 2015-10-30 01:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-21 13:01 - 2013-04-21 23:41 - 00000000 ____D C:\Users\Brandu\AppData\Local\VirtualStore
2016-02-21 13:00 - 2015-10-30 00:28 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2016-02-21 11:52 - 2015-10-30 00:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-21 10:21 - 2015-10-30 03:14 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-02-21 00:05 - 2013-04-21 23:47 - 00000000 ____D C:\Users\Brandu\AppData\Local\ElevatedDiagnostics
2016-02-17 13:07 - 2015-10-30 01:24 - 00000000 __RSD C:\WINDOWS\Media
2016-02-10 08:32 - 2013-04-21 23:34 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-10 03:48 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-10 03:30 - 2015-10-30 03:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-09 18:44 - 2015-10-30 01:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-09 16:26 - 2013-04-21 23:41 - 00000000 ____D C:\Users\Brandu\AppData\Local\Packages
2016-02-06 23:37 - 2015-10-30 03:03 - 00000000 ____D C:\WINDOWS\OCR
2016-02-03 13:01 - 2015-10-30 01:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 13:01 - 2015-10-30 01:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 23:46 - 2015-10-30 03:02 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-02-02 23:46 - 2015-10-30 03:02 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-02-02 23:46 - 2015-10-30 03:02 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-02-02 23:46 - 2015-10-30 03:02 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-02-02 23:46 - 2015-10-30 03:02 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-02-02 23:46 - 2015-10-30 03:02 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-02-02 23:46 - 2015-10-30 03:02 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-02-02 23:46 - 2015-10-30 03:02 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\Com
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\IME
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Help
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-02-02 23:46 - 2015-10-30 01:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-02-02 23:46 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-02-02 23:46 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-02-02 23:46 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-02-02 23:46 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\servicing
2016-01-31 07:29 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-01-31 01:25 - 2015-10-30 01:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-01-31 01:22 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-31 01:22 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-01-31 01:22 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-30 23:35 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-01-30 23:32 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-01-30 23:32 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Registration
2016-01-30 23:32 - 2015-10-30 01:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-01-30 23:30 - 2015-10-30 01:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-01-30 23:29 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-01-30 23:29 - 2015-10-30 01:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-30 23:29 - 2013-08-22 07:36 - 00000000 ____D C:\Users\Default.migrated
2016-01-30 23:28 - 2015-10-30 03:02 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-01-30 23:28 - 2015-10-30 03:02 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\InputMethod
2016-01-30 23:28 - 2015-10-30 01:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-30 23:28 - 2014-11-21 10:17 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
2016-01-30 23:28 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-01-30 23:28 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-01-30 23:28 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-01-30 23:28 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-01-30 23:28 - 2013-03-28 13:11 - 00000000 ____D C:\ProgramData\PRICache
2016-01-30 15:23 - 2013-08-22 09:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-01-30 13:42 - 2013-04-21 23:41 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-01-30 12:32 - 2012-07-26 02:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent

==================== Files in the root of some directories =======

2016-02-23 09:24 - 2016-02-23 09:24 - 21405208 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe

Some files in TEMP:
====================
C:\Users\Brandu\AppData\Local\Temp\1pPVgOsMmu.exe
C:\Users\Brandu\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Brandu\AppData\Local\Temp\PCHCLauncher.exe
C:\Users\Brandu\AppData\Local\Temp\sqlite-3.7.151-x86-sqlitejdbc.dll
C:\Users\Brandu\AppData\Local\Temp\Uninstall.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-02-15 08:19

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-02-2016 01
Ran by Brandu (2016-02-23 10:23:39)
Running from C:\Users\Brandu\Desktop
Windows 10 Pro Version 1511 (X64) (2016-01-31 05:34:57)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2406282524-2505965915-1096584995-500 - Administrator - Disabled)
Brandu (S-1-5-21-2406282524-2505965915-1096584995-1001 - Administrator - Enabled) => C:\Users\Brandu
DefaultAccount (S-1-5-21-2406282524-2505965915-1096584995-503 - Limited - Disabled)
Guest (S-1-5-21-2406282524-2505965915-1096584995-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus Online (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus Online (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Addiction Buddy 2.5 - Pogo Version (HKLM-x32\...\Addiction Buddy - Pogo Version_is1) (Version: - Play Buddy)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Canasta Buddy - Pogo Version 2.9 (HKLM-x32\...\Canasta Buddy - Pogo Version_is1) (Version: - Play Buddy)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.00 - Canon Inc.)
Canon MG2900 series User Registration (HKLM-x32\...\Canon MG2900 series User Registration) (Version: - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CenturyLink Installer (HKLM-x32\...\{C96FF998-45BD-411E-9253-B7F2660FE280}) (Version: 1.0 - CenturyLink, Inc.)
Claire Buddy - Pogo Version 5.7 (HKLM-x32\...\Claire Buddy - Pogo Version_is1) (Version: - Play Buddy)
faceBot Extreme (HKLM-x32\...\{3BE7978B-CCBF-4AD9-93CE-35148C83E2A5}) (Version: 3.0.3.751 - RadicalLinux Developments)
Flower Days Buddy - Pogo Version 1.1 (HKLM-x32\...\Flower Days Buddy - Pogo Version_is1) (Version: - Play Buddy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Lotso Buddy - Pogo Version 2.3 (HKLM-x32\...\Lotso Buddy - Pogo Version_is1) (Version: - Play Buddy)
Lotso Xpress Buddy - Pogo Version 1.4 (HKLM-x32\...\Lotso Xpress Buddy - Pogo Version_is1) (Version: - Play Buddy)
MahjEsc Buddy - Pogo Version 2.9 (HKLM-x32\...\MahjEsc Buddy - Pogo Version_is1) (Version: - Play Buddy)
MahJGar Buddy - Pogo Version 3.9 (HKLM-x32\...\MahJGar Buddy - Pogo Version_is1) (Version: - Play Buddy)
MahjSaf Buddy 4.4 - Pogo Version (HKLM-x32\...\MahjSaf Buddy - Pogo Version_is1) (Version: - Play Buddy)
Makeover Buddy 3.0 - Pogo Version (HKLM-x32\...\Makeover Buddy - Pogo Version_is1) (Version: - Play Buddy)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Norton AntiVirus Online (HKLM-x32\...\NAV) (Version: 22.5.5.15 - Symantec Corporation)
Peggle Slots Buddy - Pogo Version 1.1 (HKLM-x32\...\Peggle Slots Buddy - Pogo Version_is1) (Version: - Play Buddy)
Pegland Buddy - Pogo Version 1.3 (HKLM-x32\...\Pegland Buddy - Pogo Version_is1) (Version: - Play Buddy)
Torch (HKU\S-1-5-21-2406282524-2505965915-1096584995-1001\...\Torch) (Version: 45.0.0.10802 - Torch Media, Inc) <==== ATTENTION
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2406282524-2505965915-1096584995-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Brandu\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {33A590E7-CD47-4A5A-A872-F455C79F1CCE} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\WSCStub.exe [2015-11-20] (Symantec Corporation)
Task: {4D17E56C-1B9B-4A2F-99FF-9117D30383BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-30] (Google Inc.)
Task: {4D8FB54E-8FBD-42EC-B3AD-8AE0B37EB800} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {6B735063-C938-4AB3-B960-9A54BF670B0C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {80B397A0-6204-4A97-B045-E3513BE1445D} - System32\Tasks\Norton AntiVirus\Norton Autofix => C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {9DE162D2-A0DA-4792-9253-7A4C688C9AA9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-21] (Microsoft Corporation)
Task: {A7E56BFB-82F2-47D5-8FC2-DDBA3CEC63CC} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {AD20DC8D-1F61-4CC1-AA67-74C513AB8A37} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {C74E9DFA-BAE3-4EFD-9758-BEFBAB5B9789} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-30] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Lzswatn1,916e2d91-cde8-4bfa-83d3-6085cc3006ab,
ShortcutWithArgument: C:\Users\Brandu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "microsoft-edge:hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Lzswatn1,916e2d91-cde8-4bfa-83d3-6085cc3006ab,"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Lzswatn1,916e2d91-cde8-4bfa-83d3-6085cc3006ab,
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Lzswatn1,916e2d91-cde8-4bfa-83d3-6085cc3006ab,

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 01:17 - 2015-10-30 01:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 01:18 - 2015-10-30 01:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02653816 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-02-04 09:24 - 2016-02-04 09:24 - 00784707 _____ () C:\Users\Brandu\Downloads\AutoClicker.exe
2016-01-31 08:18 - 2016-01-31 08:19 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-04 21:12 - 2016-02-04 21:13 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-02-04 21:12 - 2016-02-04 21:13 - 14869504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-01-31 07:55 - 2016-01-31 07:58 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-02-11 21:26 - 2016-02-11 21:27 - 09789952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-02-23 08:54 - 2016-01-05 15:38 - 03100672 _____ () C:\Program Files (x86)\Claire Buddy Pogo\Claire buddy.exe
2016-01-31 01:21 - 2016-01-31 01:21 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-31 01:21 - 2016-01-31 01:21 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-31 08:18 - 2016-01-31 08:19 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-31 08:18 - 2016-01-31 08:20 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-23 08:54 - 2016-01-05 13:31 - 03263488 _____ () C:\Program Files (x86)\Claire Buddy Pogo\Register.dll
2016-02-23 08:54 - 2015-01-05 13:41 - 00159744 _____ () C:\Program Files (x86)\Claire Buddy Pogo\Updater.dll
2016-02-04 09:10 - 2016-02-04 09:10 - 01114648 _____ () C:\Users\Brandu\AppData\Roaming\Mozilla\Firefox\Profiles\d9jq46tx.default\extensions\[email protected]\platform\WINNT_x86-msvc\components\lpxpcom.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:47BE983A
AlternateDataStreams: C:\ProgramData\TEMP:7CC19ABF
AlternateDataStreams: C:\ProgramData\TEMP:86EBCA53
AlternateDataStreams: C:\ProgramData\TEMP:B1109A4B
AlternateDataStreams: C:\ProgramData\TEMP:E5B60B05
AlternateDataStreams: C:\ProgramData\TEMP:FAF1F444

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2406282524-2505965915-1096584995-1001\...\www-mysearch.com -> hxxp://www-mysearch.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2406282524-2505965915-1096584995-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1 - 205.171.2.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2406282524-2505965915-1096584995-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_9BA2D072C4BD60967108F90904ECE4A6"
HKU\S-1-5-21-2406282524-2505965915-1096584995-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{B91E7D48-58E2-45F7-9F12-E3933B161B94}D:\facebot_extreme\facebotweb.exe] => (Allow) D:\facebot_extreme\facebotweb.exe
FirewallRules: [UDP Query User{A30FE13D-170C-4E4C-8733-657B968AC322}D:\facebot_extreme\facebotweb.exe] => (Allow) D:\facebot_extreme\facebotweb.exe
FirewallRules: [TCP Query User{2714DEC9-F939-4293-9287-533D17103281}C:\facebot_extreme\facebotweb.exe] => (Allow) C:\facebot_extreme\facebotweb.exe
FirewallRules: [UDP Query User{2412F597-B493-4653-AE37-4C738DFAAB17}C:\facebot_extreme\facebotweb.exe] => (Allow) C:\facebot_extreme\facebotweb.exe
FirewallRules: [{F7AC2CDB-9334-44B6-B358-A21A247349CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C319B46-444F-4FF4-B8FE-EEDE1F7E536D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{CF3F4F8C-EFF8-491F-B012-E822F91281DB}C:\facebot_extreme\facebotweb.exe] => (Allow) C:\facebot_extreme\facebotweb.exe
FirewallRules: [UDP Query User{874BE2BC-63AE-4953-96D3-B50724222F6F}C:\facebot_extreme\facebotweb.exe] => (Allow) C:\facebot_extreme\facebotweb.exe
FirewallRules: [TCP Query User{D00F5A6C-CA42-4C33-8419-6537386855A2}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{5DB50C61-6C20-4777-80A9-69E4509054D4}C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [{428D5A11-AB90-4334-92B8-ED5E2CDBA461}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E7964324-2A5A-4FB1-B273-534EC04721E7}] => (Allow) C:\Program Files (x86)\SprgFiles\SprgFiles.exe
FirewallRules: [{3F24DF42-788F-4E8F-81D4-DF1FE29F9697}] => (Allow) C:\Program Files (x86)\SprgFiles\SprgFiles.exe
FirewallRules: [{3AA9BE3D-9B2B-4A5C-9F7E-4EA71894B868}] => (Allow) C:\Program Files (x86)\SprgFiles\downloader.exe
FirewallRules: [{724DD9F5-FB5D-4ABE-8959-C0F58D6CC78A}] => (Allow) C:\Program Files (x86)\SprgFiles\downloader.exe
FirewallRules: [{E7E9FEFA-5438-4F6E-B62D-48C2CEBB6D6C}] => (Allow) C:\Users\Brandu\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{2962D9F1-25DE-4175-BA84-D1B2F0D494DF}] => (Allow) C:\Users\Brandu\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe
FirewallRules: [{67A693C8-5D1B-4F9F-8F10-8767F044A9F2}] => (Allow) C:\Users\Brandu\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/23/2016 09:45:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: edgehtml.dll, version: 11.0.10586.103, time stamp: 0x56a8514f
Exception code: 0xc0000602
Fault offset: 0x000000000053a418
Faulting process id: 0x2c54
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (02/23/2016 09:35:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
Faulting module name: MSHTML.dll, version: 11.0.10586.103, time stamp: 0x56a85017
Exception code: 0xc0000005
Fault offset: 0x0045c305
Faulting process id: 0x2360
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (02/23/2016 09:34:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
Faulting module name: MSHTML.dll, version: 11.0.10586.103, time stamp: 0x56a85017
Exception code: 0xc0000005
Fault offset: 0x0045c305
Faulting process id: 0x1ab0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (02/23/2016 09:34:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
Faulting module name: MSHTML.dll, version: 11.0.10586.103, time stamp: 0x56a85017
Exception code: 0xc0000005
Fault offset: 0x0045c305
Faulting process id: 0x1f18
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (02/23/2016 09:34:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
Faulting module name: MSHTML.dll, version: 11.0.10586.103, time stamp: 0x56a85017
Exception code: 0xc0000005
Fault offset: 0x0045c305
Faulting process id: 0x289c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (02/23/2016 09:02:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 44.0.2.5884, time stamp: 0x56bbf417
Faulting module name: mozglue.dll, version: 44.0.2.5884, time stamp: 0x56bbe58e
Exception code: 0x80000003
Fault offset: 0x0000ed3b
Faulting process id: 0x453c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (02/22/2016 08:07:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
Faulting module name: SkyWrap.dll, version: 10.1.2123.10, time stamp: 0x569054c9
Exception code: 0xc0000005
Fault offset: 0x00ac6197
Faulting process id: 0x1138
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (02/21/2016 01:22:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
Faulting module name: SkyWrap.dll, version: 10.1.2123.10, time stamp: 0x569054c9
Exception code: 0xc0000005
Fault offset: 0x00ac6197
Faulting process id: 0x1338
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (02/21/2016 12:55:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 44.0.2.5884, time stamp: 0x56bbf417
Faulting module name: mozglue.dll, version: 44.0.2.5884, time stamp: 0x56bbe58e
Exception code: 0x80000003
Fault offset: 0x0000ed3b
Faulting process id: 0x74c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (02/21/2016 11:37:38 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

System errors:
=============
Error: (02/23/2016 09:02:56 AM) (Source: DCOM) (EventID: 10016) (User: BRANDY)
Description: application-specificLocalActivation{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}BrandyBranduS-1-5-21-2406282524-2505965915-1096584995-1001LocalHost (Using LRPC)Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194

Error: (02/22/2016 03:24:52 PM) (Source: MTConfig) (EventID: 1) (User: )
Description: An attempt to configure the input mode of a multitouch device failed.

Error: (02/22/2016 07:39:15 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:00:36 AM on ‎2/‎22/‎2016 was unexpected.

Error: (02/21/2016 03:48:50 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (02/21/2016 01:03:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Torch Crash Handler service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

CodeIntegrity:
===================================
Date: 2016-02-21 09:51:33.973
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-11 03:55:00.126
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-10 03:31:14.855
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-09 20:34:16.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-07 17:24:18.971
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-03 04:34:19.785
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-01 03:58:37.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 10:24:01.628
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 07:37:50.883
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-30 23:30:19.837
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™ i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 62%
Total physical RAM: 3979.7 MB
Available physical RAM: 1475.44 MB
Total Virtual: 7179.7 MB
Available Virtual: 4016.78 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:109.79 GB) (Free:81.27 GB) NTFS
Drive d: () (Fixed) (Total:232.89 GB) (Free:176.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 3DEB04CB)

Partition: GPT.

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 020BDC83)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Edited by ttsstr5, 23 February 2016 - 10:35 AM.

#2
Essexboy

Posted 23 February 2016 - 12:19 PM

GeekU Moderator

Retired Staff
69,964 posts

Could you let me know of any problems after this

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
FF Plugin HKU\S-1-5-21-2406282524-2505965915-1096584995-1001: TorchVLC -> C:\Users\Brandu\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll [2015-11-02] (VideoLAN)
R2 TorchCrashHandler; C:\Users\Brandu\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217400 2015-12-26] (TorchMedia Inc.) <==== ATTENTION
2016-02-21 13:53 - 2016-02-21 13:53 - 00000000 ____D C:\ProgramData\eSellerate
2016-02-21 13:07 - 2016-02-21 13:07 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch Apps
2016-02-21 13:03 - 2016-02-23 07:43 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2016-02-21 13:03 - 2016-02-21 21:44 - 00001378 _____ C:\Users\Brandu\Desktop\Torch.lnk
2016-02-21 13:03 - 2016-02-21 13:04 - 00001386 _____ C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2016-02-21 13:02 - 2016-02-21 13:03 - 00000000 ____D C:\Users\Brandu\AppData\Local\Torch
ShortcutWithArgument: C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Lzswatn1,916e2d91-cde8-4bfa-83d3-6085cc3006ab,
ShortcutWithArgument: C:\Users\Brandu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "microsoft-edge:hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Lzswatn1,916e2d91-cde8-4bfa-83d3-6085cc3006ab,"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Lzswatn1,916e2d91-cde8-4bfa-83d3-6085cc3006ab,
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Lzswatn1,916e2d91-cde8-4bfa-83d3-6085cc3006ab,
C:\Users\Brandu\AppData\Local\Torch
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan.
After the scan is complete click on "Clean"
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S0].txt as well.

#3
ttsstr5

Posted 23 February 2016 - 02:42 PM

Member

Topic Starter
Member
40 posts

Fix result of Farbar Recovery Scan Tool (x64) Version:21-02-2016 01

Ran by Brandu (2016-02-23 14:24:44) Run:1

Running from C:\Users\Brandu\Desktop

Loaded Profiles: Brandu (Available Profiles: Brandu)

Boot Mode: Normal

==============================================

fixlist content:

*****************

CreateRestorePoint:

FF Plugin HKU\S-1-5-21-2406282524-2505965915-1096584995-1001: TorchVLC -> C:\Users\Brandu\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll [2015-11-02] (VideoLAN)

R2 TorchCrashHandler; C:\Users\Brandu\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217400 2015-12-26] (TorchMedia Inc.) <==== ATTENTION

2016-02-21 13:53 - 2016-02-21 13:53 - 00000000 ____D C:\ProgramData\eSellerate

2016-02-21 13:07 - 2016-02-21 13:07 - 00000000 ____D C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch Apps

2016-02-21 13:03 - 2016-02-23 07:43 - 00000000 ____D C:\ProgramData\TorchCrashHandler

2016-02-21 13:03 - 2016-02-21 21:44 - 00001378 _____ C:\Users\Brandu\Desktop\Torch.lnk

2016-02-21 13:03 - 2016-02-21 13:04 - 00001386 _____ C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk

2016-02-21 13:02 - 2016-02-21 13:03 - 00000000 ____D C:\Users\Brandu\AppData\Local\Torch

ShortcutWithArgument: C:\Users\Brandu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "microsoft-edge:hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Lzswatn1,916e2d91-cde8-4bfa-83d3-6085cc3006ab,"

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Lzswatn1,916e2d91-cde8-4bfa-83d3-6085cc3006ab,

ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Lzswatn1,916e2d91-cde8-4bfa-83d3-6085cc3006ab,

C:\Users\Brandu\AppData\Local\Torch

Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

RemoveProxy:

EmptyTemp:

CMD: bitsadmin /reset /allusers

*****************

Error: (0) Failed to create a restore point.

"HKU\S-1-5-21-2406282524-2505965915-1096584995-1001\Software\MozillaPlugins\TorchVLC" => key removed successfully

C:\Users\Brandu\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll => moved successfully

TorchCrashHandler => Unable to stop service.

TorchCrashHandler => service removed successfully

C:\ProgramData\eSellerate => moved successfully

C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch Apps => moved successfully

C:\ProgramData\TorchCrashHandler => moved successfully

C:\Users\Brandu\Desktop\Torch.lnk => moved successfully

C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk => moved successfully

C:\Users\Brandu\AppData\Local\Torch => moved successfully

C:\Users\Brandu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk => Shortcut argument removed successfully.

C:\Users\Brandu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk => Shortcut argument removed successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Shortcut argument removed successfully.

C:\Users\Public\Desktop\Google Chrome.lnk => Shortcut argument removed successfully.

"C:\Users\Brandu\AppData\Local\Torch" => not found.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= RemoveProxy: =========

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

HKU\S-1-5-21-2406282524-2505965915-1096584995-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

HKU\S-1-5-21-2406282524-2505965915-1096584995-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.8.10586 ]

BITS administration utility.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.

Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {DBA8AF95-5FFF-47FB-B511-FA8B1BA96F50}.

Unable to cancel {2ECAFDC9-3C59-4457-96C0-45B7AA25C52C}.

Unable to cancel {B5BE84CD-3DBE-4F7B-9A2B-B2919F31FC61}.

Unable to cancel {1606B2FE-D599-4DCA-A28A-D56D78A82516}.

Unable to cancel {4CDAC930-263F-47C1-84AD-CBB38DE585CB}.

Unable to cancel {F5146D6C-973A-421B-9767-D5627A146AF2}.

Unable to cancel {6399409B-E52E-4A59-9822-ACB12A222C34}.

Unable to cancel {57E1170B-ABA4-4E68-A1A9-488C9343FCE3}.

Unable to cancel {FD6633A0-F7DB-445A-9884-F078013E2DF7}.

Unable to cancel {E4CF6C4C-5A46-4518-B0C9-5516D02C5CE8}.

Unable to cancel {B3656C14-3DF7-4047-93D4-DFE030B87614}.

Unable to cancel {E94AA23F-657A-4F6E-B991-ABC3C988B983}.

Unable to cancel {F6F1C15E-7534-4686-99D8-5256502B5498}.

Unable to cancel {9E1E258D-2FEB-4C54-9870-202C463CD46A}.

Unable to cancel {12512EB2-2CCD-4088-B506-BDF561A38248}.

Unable to cancel {DB783EB6-FABE-47C9-ABFD-5120033AB430}.

Unable to cancel {7E084EC7-6286-4DD0-BB06-3EDB7B4BB39A}.

Unable to cancel {B8EFE4D7-DE10-41A0-87BB-C0B2FD56EE85}.

Unable to cancel {F3C3270A-2E59-421E-9B51-4BD2136FD2E9}.

Unable to cancel {B2F07152-28E7-4A55-94B1-235004F54C30}.

Unable to cancel {39885455-D293-4A5C-AE3B-DC4F0E7400F1}.

Unable to cancel {CB604D5E-320D-4BBA-BACA-0D4F5F93E3EE}.

Unable to cancel {A76BA27A-14C9-4F69-8E69-25EB6512224E}.

Unable to cancel {3C0951EC-2D3A-4D8E-805D-E415A2CC0E72}.

Unable to cancel {96461AA2-FADD-4725-A02C-E68A0ED277DA}.

Unable to cancel {1C4C2D3B-F3A8-427D-8C03-134B0A5231FA}.

Unable to cancel {A9F5DD08-A736-4F9A-BBD3-FE1B9E7B9264}.

Unable to cancel {C8B435E5-C299-4EC8-9F42-C820F5A1C668}.

Unable to cancel {5C6D751B-A353-4A5E-A168-24FACA0DDE12}.

Unable to cancel {95090A4D-16E8-4C6A-B3DA-E5F362774085}.

Unable to cancel {F38B01F6-726C-44A9-984A-FB717E05FF70}.

Unable to cancel {53A4FF7F-0A98-440E-BCDE-C2AE53745252}.

{C1084361-3C3D-426B-86C0-BB40BF0540DC} canceled.

1 out of 33 jobs canceled.

========= End of CMD: =========

EmptyTemp: => 782.2 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 14:25:22 ====

#4
ttsstr5

Posted 23 February 2016 - 02:42 PM

Member

Topic Starter
Member
40 posts

# AdwCleaner v5.036 - Logfile created 23/02/2016 at 14:37:56

# Updated 22/02/2016 by Xplode

# Database : 2016-02-22.2 [Server]

# Operating system : Windows 10 Pro (x64)

# Username : Brandu - BRANDY

# Running from : C:\Users\Brandu\Desktop\AdwCleaner.exe

# Option : Cleaning

# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Brandu\AppData\Local\torch

[-] Folder Deleted : C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp

***** [ Files ] *****

[-] File Deleted : C:\Users\Brandu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe

[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch

[-] Key Deleted : HKCU\Software\torch

[-] Key Deleted : HKLM\SOFTWARE\torch

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www-mysearch.com

***** [ Web browsers ] *****

[-] [C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com

[-] [C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com

[-] [C:\Users\Brandu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pdabfienifkbhoihedcgeogidfmibmhp

*************************

:: "Tracing" keys removed

:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C4].txt - [1733 bytes] - [23/02/2016 14:37:56]

C:\AdwCleaner\AdwCleaner[S4].txt - [1721 bytes] - [23/02/2016 14:35:14]

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1879 bytes] ##########

#5
ttsstr5

Posted 23 February 2016 - 03:04 PM

Member

Topic Starter
Member
40 posts

Also since I ran the fix, when I click on Microsoft Edge my file explorer opens instead.

#6
Essexboy

Posted 23 February 2016 - 03:17 PM

GeekU Moderator

Retired Staff
69,964 posts

Go to control panel > set default programmes

Select Edge and set this programme as default

The hijacks should have disappeared, could you confirm that

#7
ttsstr5

Posted 23 February 2016 - 10:47 PM

Member

Topic Starter
Member
40 posts

Yes, everything is gone. Thank you!

#8
Essexboy

Posted 24 February 2016 - 08:44 AM

GeekU Moderator

Retired Staff
69,964 posts

Any further problems before I tidy up ?

#9
ttsstr5

Posted 24 February 2016 - 11:58 AM

Member

Topic Starter
Member
40 posts

No more problems, thank you :thumbsup:

#10
Essexboy

Posted 24 February 2016 - 01:47 PM

GeekU Moderator

Retired Staff
69,964 posts

Subject to no further problems

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown

: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:

#11
Essexboy

Posted 26 February 2016 - 03:54 PM

GeekU Moderator

Retired Staff
69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.