SEDO hijacks my browsers - Windows 10 PC



#1
RockbadgerX
    New Member

Hi team,

 

Thanks for your excellent forums. I read through other posts but could not find my particular issues. Apologies if it's been covered.

I'm running Windows 10 and am reasonably tech savvy (but please still keep things simple). I only get a measly 12gig per month download allocation.

Generally, I browse with Comodo Dragon and use Comodo Free Anti-Virus. Because I kept getting 'your browser looks old' error messages I went to the Comodo Dragon site. There were new update releases with clickable links. I clicked on the most recent one and updated. I'm not saying it's the file but my computer has never had an issue for years! And now it does. I've attached a screenshot of my issue.

 

I use a wired internet hotspot with Virgin as my provider. To log on and activate my internet connection I click on the Virgin icon in the bottom tool bar. It opens Edge by default, I log in and everything is fine. But now when I click on the Virgin icon, Edge opens and then redirects to the SEDO page. If I cut and paste the correct link, or even enter it manually into another browser, I get the same issue. However, I seem to be able to visit social media sites with no redirection.

 

I've tried Comodo, Avast, AVG, Hitman Pro, Spybot, Windows Defender and Vipre, but none of them have solved this problem. All of them say zero infections. For some reason Malwarebytes will not run.

 

Here's the rather lengthy text you've requested (and right now a big thank you so much!)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-10-2016
Ran by Rock_X (administrator) on FLYNN (12-10-2016 22:19:21)
Running from C:\Users\Rock_X\Downloads
Loaded Profiles: Rock_X & DefaultAppPool (Available Profiles: Rock_X & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Comodo) C:\Program Files\Comodo\Dragon\dragon_updater.exe
(Microsoft Corporation) C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
() C:\Users\Rock_X\AppData\Local\FreeScreenSharing\FreeScreenSharing.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Toolwiz) C:\Program Files\ToolwizCareFree\ToolwizCares.exe
(Toolwiz.com) C:\Program Files\ToolwizCareFree\ToolwizTools.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-08-15] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1491128 2016-09-04] (COMODO)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [187152 2016-10-12] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [187152 2016-10-12] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-3682455300-2570999349-1759586826-1000\...\Run: [ToolwizCareFree] => C:\Program Files\ToolwizCareFree\ToolwizCares.exe [5286160 2014-10-24] (Toolwiz)
HKU\S-1-5-21-3682455300-2570999349-1759586826-1000\...\Run: [FreeScreenSharing] => C:\Users\Rock_X\AppData\Local\FreeScreenSharing\FreeScreenSharing.exe [4046328 2016-08-16] ()
HKU\S-1-5-21-3682455300-2570999349-1759586826-1000\...\Run: [GoogleChromeAutoLaunch_20851EB23C1038ECD15A42382520F74D] => C:\Program Files\Comodo\Dragon\dragon.exe [1193584 2016-10-11] (Comodo)
HKU\S-1-5-21-3682455300-2570999349-1759586826-1000\...\Run: [Yahoo Messenger Updater] => C:\Users\Rock_X\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115656 2016-09-27] (Yahoo!, Inc.)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [515072 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * sdnclean.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a4831c7e-34b7-4465-a0dd-19cc965af25f}: [NameServer] 8.26.56.26,8.20.247.20
Tcpip\..\Interfaces\{a4831c7e-34b7-4465-a0dd-19cc965af25f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d049b29f-2158-4a5b-becc-24a8afea95c9}: [NameServer] 8.26.56.26,8.20.247.20
Tcpip\..\Interfaces\{d049b29f-2158-4a5b-becc-24a8afea95c9}: [DhcpNameServer] 10.1.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-16e57394
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-16e57394&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-16e57394&q={searchTerms}
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-24] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-24] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
 
FireFox:
========
FF DefaultProfile: civ3esvx.default
FF ProfilePath: C:\Users\Rock_X\AppData\Roaming\Mozilla\Firefox\Profiles\civ3esvx.default [2016-10-12]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2015-10-17] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-08-11] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-24] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3682455300-2570999349-1759586826-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Rock_X\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-03-03] (Citrix Online)
FF Plugin HKU\S-1-5-21-3682455300-2570999349-1759586826-1000: @freescreensharing/detector -> C:\Users\Rock_X\AppData\Local\FreeScreenSharing\npfreesee.dll [2016-08-16] (Free Screen Sharing)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Rock_X\AppData\Local\Google\Chrome\User Data\Default [2016-10-12]
CHR Extension: (Google Docs) - C:\Users\Rock_X\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Google Drive) - C:\Users\Rock_X\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-02]
CHR Extension: (YouTube) - C:\Users\Rock_X\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-02]
CHR Extension: (Google Search) - C:\Users\Rock_X\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-28]
CHR Extension: (RiteForge) - C:\Users\Rock_X\AppData\Local\Google\Chrome\User Data\Default\Extensions\flookmlccbimcdpnbblpdjhpmjlblfgg [2016-09-02]
CHR Extension: (Google Docs Offline) - C:\Users\Rock_X\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-27]
CHR Extension: (Emoji Input by EmojiStuff.com) - C:\Users\Rock_X\AppData\Local\Google\Chrome\User Data\Default\Extensions\immhpnclomdloikkpcefncmfgjbkojmh [2016-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rock_X\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-02]
CHR Extension: (Gmail) - C:\Users\Rock_X\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Rock_X\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-07-24] (Adobe Systems) [File not signed]
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [647864 2016-10-12] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1639224 2016-10-12] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4149312 2016-10-12] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [945936 2016-10-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [605336 2016-10-12] (AVG Technologies CZ, s.r.o.)
R3 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4561512 2016-09-04] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1670840 2016-09-04] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2272904 2016-10-11] (Comodo)
S4 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [595968 2016-07-03] (SEIKO EPSON CORPORATION)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
S3 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe [81920 2009-07-22] (Firebird Project) [File not signed]
S3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2736128 2009-07-22] (Firebird Project) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-07-27] (Macrovision Europe Ltd.) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [113632 2016-10-12] (SurfRight B.V.)
S3 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)
R2 MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2016-08-07] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2016-08-07] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2016-08-07] (Safer-Networking Ltd.)
S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-09-15] (Microsoft Corporation)
S3 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [78056 2015-07-30] (UC-Logic Technology Corp.)
S3 Privacy Content Firewall; "C:\Program Files\AdTrustMedia\PrivDog\3.0.108.0\PrivDogService.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 admnfd; C:\Windows\system32\Drivers\admnfd.sys [43840 2014-12-04] (Windows ® Win 7 DDK provider)
S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [19584 2016-10-12] (AVG Technologies CZ, s.r.o.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-10-12] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6x.sys [67336 2016-10-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [257792 2016-10-12] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [210176 2016-10-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [41216 2016-10-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [218880 2016-10-12] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-10-12] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [197376 2016-10-12] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-10-12] (AVG Technologies CZ, s.r.o.)
R0 avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-10-12] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [246536 2016-10-12] (AVG Technologies CZ, s.r.o.)
R1 browserMon; C:\WINDOWS\System32\DRIVERS\browserMon.sys [18112 2015-03-04] (Windows ® Win 7 DDK provider)
R1 BTOWSFF; C:\Windows\system32\Drivers\BTOWSFF.sys [27648 2014-10-24] (Toolwiz.com)
R0 BTOWSVF; C:\WINDOWS\System32\Drivers\BTOWSVF.sys [45952 2014-10-24] (Toolwiz.com)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [28000 2016-07-10] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [668936 2016-07-10] (COMODO)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2015-01-17] (LogMeIn, Inc.)
R0 KSafeDISK; C:\WINDOWS\System32\Drivers\KSafeDISK.sys [48640 2014-10-24] (Toolwiz.com)
S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-14] (Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
U0 aswVmm; no ImagePath
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-12 22:21 - 2016-10-12 22:21 - 00001137 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-12 22:19 - 2016-10-12 22:20 - 00017692 _____ C:\Users\Rock_X\Downloads\FRST.txt
2016-10-12 22:19 - 2016-10-12 22:19 - 00000000 ____D C:\FRST
2016-10-12 22:17 - 2016-10-12 22:18 - 01757184 _____ (Farbar) C:\Users\Rock_X\Downloads\FRST.exe
2016-10-12 22:14 - 2016-10-12 22:20 - 22851472 _____ (Malwarebytes ) C:\Users\Rock_X\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-10-12 21:54 - 2016-10-12 21:54 - 00001970 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-10-12 21:54 - 2016-10-12 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-10-12 21:54 - 2016-10-12 21:54 - 00000000 ____D C:\Program Files\HitmanPro
2016-10-12 21:53 - 2016-10-12 22:07 - 00000000 ____D C:\ProgramData\HitmanPro
2016-10-12 21:44 - 2016-10-12 21:54 - 11003784 _____ (SurfRight B.V.) C:\Users\Rock_X\Downloads\HitmanPro.exe
2016-10-12 21:03 - 2016-10-12 21:12 - 00000000 ____D C:\AdwCleaner
2016-10-12 21:02 - 2016-10-12 21:03 - 03874368 _____ C:\Users\Rock_X\Downloads\adwcleaner_6.021.exe
2016-10-12 21:02 - 2016-10-12 21:02 - 00000000 _____ C:\Users\Rock_X\Downloads\5507.tmp
2016-10-12 08:28 - 2016-10-12 08:28 - 19349504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-12 08:28 - 2016-10-12 08:28 - 01801216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-10-12 08:28 - 2016-10-12 08:28 - 01422528 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-12 08:28 - 2016-10-12 08:28 - 00122560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 18675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 12587008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 09920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 05793632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 04405248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 02973696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-12 08:27 - 2016-10-12 08:27 - 02937896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 02880512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 02552832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 01712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-12 08:27 - 2016-10-12 08:27 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 01467904 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 01194336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 01090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 01088512 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-12 08:27 - 2016-10-12 08:27 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 01033408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00927072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 00885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00876504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-12 08:27 - 2016-10-12 08:27 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 00717152 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 00538744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00505136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-12 08:27 - 2016-10-12 08:27 - 00504000 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00493760 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00484192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-12 08:27 - 2016-10-12 08:27 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00346456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-10-12 08:27 - 2016-10-12 08:27 - 00336224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-12 08:27 - 2016-10-12 08:27 - 00284352 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00256704 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00231616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-12 08:27 - 2016-10-12 08:27 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-12 08:27 - 2016-10-12 08:27 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-12 08:27 - 2016-10-12 08:27 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00076480 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-10-12 08:27 - 2016-10-12 08:27 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-12 08:27 - 2016-10-12 08:27 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-10-12 08:27 - 2016-09-30 11:09 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-12 07:13 - 2016-10-12 07:13 - 00000000 ___HD C:\$AVG
2016-10-12 07:13 - 2016-10-12 07:13 - 00000000 ____D C:\Users\Rock_X\AppData\Roaming\TuneUp Software
2016-10-12 07:13 - 2016-10-12 07:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-10-12 07:12 - 2016-10-12 21:18 - 00000000 ____D C:\ProgramData\MFAData
2016-09-15 07:41 - 2016-09-15 07:41 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2016-09-15 07:41 - 2016-09-15 07:41 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-15 07:41 - 2016-09-15 07:41 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2016-09-15 07:41 - 2016-09-15 07:41 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2016-09-15 07:41 - 2016-09-15 07:41 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-15 07:41 - 2016-09-15 07:41 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 03483648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 02885680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 01401856 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 01194496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 01183744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 01123328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00845568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2016-09-15 07:40 - 2016-09-15 07:40 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00354144 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00354144 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-09-15 07:40 - 2016-09-15 07:40 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2016-09-15 07:40 - 2016-09-15 07:40 - 00104800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-09-15 07:40 - 2016-09-15 07:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-09-15 07:39 - 2016-09-15 07:39 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-09-15 07:39 - 2016-09-15 07:39 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\authfwcfg.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2016-09-15 07:39 - 2016-09-15 07:39 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwcfg.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-15 07:39 - 2016-09-15 07:39 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CheckNetIsolation.exe
2016-09-15 07:39 - 2016-09-15 07:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MTConfig.sys
2016-09-12 08:25 - 2016-09-26 08:15 - 00027061 _____ C:\Users\Rock_X\Desktop\letter.odt
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-12 22:21 - 2014-07-14 15:14 - 00126336 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-10-12 22:21 - 2014-07-14 15:14 - 00053120 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-10-12 22:21 - 2014-07-14 15:14 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-10-12 22:21 - 2014-07-14 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-12 22:21 - 2014-07-14 15:14 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-10-12 22:16 - 2013-04-11 13:18 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2016-10-12 22:13 - 2016-05-16 14:13 - 00000937 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Update {ABB96E23-E01F-46F4-818C-C32565E84ACA}.job
2016-10-12 22:13 - 2016-05-16 14:13 - 00000751 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {ABB96E23-E01F-46F4-818C-C32565E84ACA}.job
2016-10-12 22:13 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-10-12 21:42 - 2015-09-07 19:53 - 00000906 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-12 21:36 - 2016-05-13 20:18 - 00000000 ___DC C:\WINDOWS\Panther
2016-10-12 21:31 - 2015-08-18 13:31 - 00000937 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Update {5698BAFE-919A-498E-8A44-3F78A987D928}.job
2016-10-12 21:31 - 2015-08-18 13:31 - 00000751 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {5698BAFE-919A-498E-8A44-3F78A987D928}.job
2016-10-12 21:19 - 2015-09-07 19:53 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-12 21:17 - 2016-02-13 22:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-12 21:17 - 2016-02-13 22:13 - 01976912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-12 21:15 - 2015-10-30 15:13 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-10-12 21:14 - 2015-10-30 15:48 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 21:14 - 2015-10-30 15:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-12 21:14 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-12 21:14 - 2015-10-30 15:47 - 00000000 ____D C:\WINDOWS\INF
2016-10-12 20:45 - 2015-10-30 15:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-10-12 20:45 - 2015-10-30 15:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-10-12 20:45 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-12 19:33 - 2016-05-13 02:23 - 01346316 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-12 19:14 - 2013-08-19 10:52 - 00241146 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2016-10-12 10:07 - 2015-10-30 15:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-10-12 07:30 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-12 07:26 - 2016-05-13 02:24 - 00000000 ____D C:\Users\Rock_X
2016-10-12 07:14 - 2014-07-24 11:19 - 00000000 ____D C:\Users\Rock_X\AppData\Roaming\AVG
2016-10-12 07:14 - 2014-07-24 11:19 - 00000000 ____D C:\Users\Rock_X\AppData\Local\AVG
2016-10-12 07:13 - 2016-08-04 06:52 - 00246536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpx.sys
2016-10-12 07:13 - 2016-08-02 11:38 - 00041216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsshimw8x.sys
2016-10-12 07:13 - 2016-07-27 15:28 - 00210176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys
2016-10-12 07:13 - 2016-06-20 15:17 - 00065280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgunivx.sys
2016-10-12 07:13 - 2016-06-06 08:24 - 00067336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgfwd6x.sys
2016-10-12 07:13 - 2016-06-01 13:16 - 00047360 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx86.sys
2016-10-12 07:13 - 2016-05-13 07:43 - 00134912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys
2016-10-12 07:13 - 2016-02-16 16:20 - 00287008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys
2016-10-12 07:13 - 2016-01-07 16:03 - 00019584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbootx.sys
2016-10-12 07:13 - 2015-10-30 15:48 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-10-12 07:13 - 2014-07-24 11:13 - 00000000 ____D C:\ProgramData\AVG
2016-10-12 07:01 - 2015-10-30 15:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-11 19:17 - 2013-04-11 13:08 - 141747376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-11 13:09 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-11 13:05 - 2013-04-11 13:16 - 00000000 ____D C:\Program Files\Comodo
2016-10-10 14:13 - 2015-01-06 12:31 - 00000000 ____D C:\Users\Rock_X\Desktop\photo_folder
2016-10-10 07:08 - 2015-09-07 17:02 - 00000000 ____D C:\Users\Rock_X\AppData\Roaming\Skype
2016-10-09 02:01 - 2015-09-07 17:01 - 00000000 ____D C:\ProgramData\Skype
2016-10-09 02:00 - 2015-09-07 17:02 - 00000000 ___RD C:\Program Files\Skype
2016-10-09 02:00 - 2015-09-07 17:02 - 00000000 ____D C:\Users\Rock_X\AppData\Local\Skype
2016-10-07 18:25 - 2015-02-05 13:31 - 00000000 ____D C:\Users\Rock_X\AppData\Roaming\uTorrent
2016-10-04 09:53 - 2015-09-07 20:08 - 00002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-04 09:35 - 2015-11-12 09:42 - 00000000 ____D C:\Users\Rock_X\Documents\Warcraft III
2016-09-30 12:52 - 2015-12-07 17:08 - 12807920 _____ C:\Users\Rock_X\Downloads\WeChat_C1018.exe
2016-09-28 16:43 - 2014-07-24 13:39 - 00000000 ____D C:\Users\Rock_X\Documents\business_documents
2016-09-25 15:28 - 2016-08-23 09:00 - 00000000 ____D C:\Users\Rock_X\Desktop\Diploma_Proj_Man
2016-09-21 19:04 - 2016-06-03 22:09 - 00000000 ____D C:\tmp
2016-09-21 15:31 - 2016-05-14 09:00 - 00000000 ____D C:\Users\Rock_X\AppData\Local\ApplicationHistory
2016-09-21 15:30 - 2014-04-09 15:58 - 00000000 ____D C:\Users\Rock_X\Documents\Sony ACID Pro 6.0 Projects
2016-09-21 07:34 - 2014-04-09 15:58 - 00000000 ____D C:\Users\Rock_X\Documents\Sony Media Libraries
2016-09-20 13:52 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\rescache
2016-09-19 20:07 - 2016-02-13 22:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-19 19:12 - 2015-10-30 15:48 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-19 19:12 - 2015-10-30 15:48 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-19 19:12 - 2015-10-30 15:48 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-09-19 19:12 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-19 19:12 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-09-19 19:12 - 2015-10-30 15:48 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-19 19:12 - 2015-10-30 15:48 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-19 19:12 - 2015-10-30 15:15 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-09-17 22:21 - 2013-08-19 11:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-16 21:34 - 2016-02-13 22:05 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-13 11:45 - 2014-05-04 09:31 - 00000000 ____D C:\Users\Rock_X\Documents\rob_folder
2016-09-13 11:33 - 2015-08-15 23:20 - 00000000 ____D C:\Users\Rock_X\AppData\Local\Packages
 
==================== Files in the root of some directories =======
 
2015-10-08 09:02 - 2015-10-08 09:02 - 0000088 _____ () C:\Users\Rock_X\AppData\Roaming\.95d691779473f3e03bc4b4e56319d74c.key
2016-06-14 09:44 - 2016-06-18 22:39 - 0065618 _____ () C:\Users\Rock_X\AppData\Roaming\Camdata.ini
2016-06-14 09:44 - 2016-06-18 22:39 - 0000408 _____ () C:\Users\Rock_X\AppData\Roaming\CamLayout.ini
2016-06-14 09:44 - 2016-06-18 22:39 - 0000408 _____ () C:\Users\Rock_X\AppData\Roaming\CamShapes.ini
2016-06-14 09:44 - 2016-06-18 22:39 - 0004538 _____ () C:\Users\Rock_X\AppData\Roaming\CamStudio.cfg
2014-10-24 08:20 - 2014-10-24 08:20 - 0000190 _____ () C:\Users\Rock_X\AppData\Roaming\reportman.ini
2015-10-08 09:03 - 2015-10-08 09:04 - 0000236 _____ () C:\Users\Rock_X\AppData\Roaming\RO39-2M3Q
2016-06-14 09:31 - 2016-06-14 09:31 - 0000096 _____ () C:\Users\Rock_X\AppData\Roaming\version2.xml
2014-07-17 14:39 - 2014-09-17 08:26 - 0005632 _____ () C:\Users\Rock_X\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-28 14:26 - 2014-08-28 14:26 - 0000218 _____ () C:\Users\Rock_X\AppData\Local\recently-used.xbel
2016-04-26 16:58 - 2016-04-26 16:58 - 0007605 _____ () C:\Users\Rock_X\AppData\Local\Resmon.ResmonCfg
2016-03-09 13:43 - 2016-03-09 13:43 - 0000000 _____ () C:\Users\Rock_X\AppData\Local\{B524B9E0-F3B9-4C43-8B7E-1096267FC88E}
2015-06-01 13:40 - 2015-06-01 13:40 - 0000211 _____ () C:\ProgramData\acer.zip
2016-05-13 02:20 - 2016-05-13 02:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Rock_X\AppData\Local\Temp\libeay32.dll
C:\Users\Rock_X\AppData\Local\Temp\msvcr120.dll
C:\Users\Rock_X\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-10-05 17:26
 
==================== End of FRST.txt ============================

Attached Thumbnails

  • sedopic.jpg

Edited by RockbadgerX, 12 October 2016 - 06:43 AM.
