Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

PC has become slow and mouse pointer stalls and freezes... pointer has


  • Please log in to reply

#46
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Definitely something wrong with the bthport.sys file.  It's not signed and all of the others are so let's try replacing it with the newest version you have:

 

 
Download the attached fixlist.txt to the same location as FRST
 
 
Run FRST and press Fix
A fix log will be generated please post that 
 
 
Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
 

  • 0

Advertisements


#47
jimxx7

jimxx7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-03-2017
Ran by Jim (13-03-2017 12:46:24) Run:3
Running from C:\Users\Jim\Desktop
Loaded Profiles: UpdatusUser & Jim (Available Profiles: Owner & UpdatusUser & Jim)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
replace C:\Windows\System32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\bthport.sys C:\windows\system32\drivers\bthport.sys
CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
reboot:
 
 
 
*****************
 
replace C:\Windows\System32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\bthport.sys C:\windows\system32\drivers\bthport.sys => Error: No automatic fix found for this entry.
 
========= for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" =========
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 12:46:34 ====

  • 0

#48
jimxx7

jimxx7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

FRST log after bthport fix:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2017
Ran by Jim (administrator) on OWNER-PC (13-03-2017 13:03:59)
Running from C:\Users\Jim\Desktop
Loaded Profiles: UpdatusUser & Jim (Available Profiles: Owner & UpdatusUser & Jim)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STImgBrowser.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-04] (NVIDIA Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2489456 2010-12-17] (VIA)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [681256 2008-10-17] (CyberLink Corporation.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-04-30] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2009-04-29] (cyberlink)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [210216 2009-05-25] (CyberLink Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-12] (AVAST Software)
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2387968 2009-01-27] (Hewlett-Packard Company)
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-12] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digimax Viewer 2.0.lnk [2013-03-31]
ShortcutTarget: Digimax Viewer 2.0.lnk -> C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STImgBrowser.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2017-02-23]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-02-23]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
BootExecute: autocheck autochk /p \??\L:autocheck autochk * 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 61.9.195.193 61.9.194.49
Tcpip\..\Interfaces\{BE7DBD9A-8CF5-45EE-BB99-67C2A1D540BB}: [DhcpNameServer] 61.9.195.193 61.9.194.49
 
Internet Explorer:
==================
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ninemsn.com.au/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-12] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-12] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
 
FireFox:
========
FF HKU\S-1-5-21-3716940813-2614047019-3014684930-1003\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\ReboundAlert\Firefox => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-09] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://isearch.avg.com?cid={420897B4-3090-4DA6-99C7-C4E35DF91734}&mid=cc1113bef9de47d091f4bd2b2bf863fe-10f8a1089b69b7ac31401cb1135c3307a3e569fa&lang=&ds=&coid=&cmpid=&pr=&d=&v=18.1.9.799&pid=avg&sg=&sap=hp"
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default [2017-03-13]
CHR Extension: (Google Search) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Avast Online Security) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-12] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-12] (AVAST Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-06] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-01-27] (Hewlett-Packard Company) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-17] () [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2010-12-14] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [1345664 2010-10-13] (NXP Semiconductors Germany GmbH)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2012-07-20] (Google Inc)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-12] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-12] (AVAST Software)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2012-02-17] (Microsoft Corporation) [File not signed]
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2008-10-14] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [371696 2008-10-14] (CyberLink Corporation.)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-04-16] (CyberLink Corp.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-03-13 12:57 - 2017-03-13 12:57 - 00000000 ___DC C:\ProgramData\SWCUTemp
2017-03-13 11:30 - 2017-03-13 11:30 - 00001589 ____C C:\Users\Jim\Desktop\Search.txt
2017-03-12 14:46 - 2017-03-13 03:00 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-03-12 14:46 - 2017-03-13 03:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-03-12 14:42 - 2017-03-12 14:48 - 00000000 ___DC C:\AVG_Remover
2017-03-12 14:26 - 2017-03-12 14:41 - 00003892 ____C C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1489289195
2017-03-12 14:26 - 2017-03-12 14:26 - 00032088 ____C (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-12 14:26 - 2017-03-12 14:26 - 00001050 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-12 14:25 - 2017-03-13 03:01 - 00004172 ____C C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-12 14:25 - 2017-03-12 14:25 - 00993608 ____C (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00548928 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00398408 ____C (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-12 14:25 - 2017-03-12 14:25 - 00337592 ____C (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00334600 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00309272 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00189768 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00162528 ____C (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00126600 ____C (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00100640 ____C (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00075704 ____C (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00048528 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00038296 ____C (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00001929 ____C C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-03-12 14:25 - 2017-03-12 14:25 - 00000000 ___DC C:\Windows\System32\Tasks\AVAST Software
2017-03-12 14:25 - 2017-03-12 14:25 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\AVAST Software
2017-03-12 14:25 - 2017-03-12 14:25 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-03-12 14:25 - 2017-03-12 14:25 - 00000000 ___DC C:\Program Files\Common Files\AV
2017-03-12 14:24 - 2017-03-13 10:51 - 00000000 ___DC C:\ProgramData\AVAST Software
2017-03-12 14:24 - 2017-03-12 14:26 - 00000000 ___DC C:\Program Files\AVAST Software
2017-03-12 02:31 - 2017-03-12 02:33 - 00001010 ____C C:\Users\Jim\Desktop\WhoCrashed.lnk
2017-03-12 02:31 - 2017-03-12 02:33 - 00000000 ___DC C:\Program Files\WhoCrashed
2017-03-12 02:31 - 2017-03-12 02:31 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2017-03-12 02:30 - 2017-03-12 02:29 - 04958280 ____C (Resplendence Software Projects Sp. ) C:\Users\Jim\Desktop\whocrashedSetup.exe
2017-03-12 01:53 - 2017-03-12 01:53 - 00026371 ____C C:\Users\Jim\Desktop\Addition.txt
2017-03-12 00:46 - 2017-03-13 12:57 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Skype
2017-03-12 00:46 - 2017-03-12 00:46 - 00002697 ____C C:\Users\Public\Desktop\Skype.lnk
2017-03-12 00:46 - 2017-03-12 00:46 - 00000000 __RDC C:\Program Files (x86)\Skype
2017-03-12 00:46 - 2017-03-12 00:46 - 00000000 ___DC C:\Users\Jim\AppData\Local\Skype
2017-03-12 00:46 - 2017-03-12 00:46 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-12 00:45 - 2017-03-12 00:46 - 00000000 ___DC C:\ProgramData\Skype
2017-03-12 00:45 - 2017-03-12 00:45 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2017-03-12 00:45 - 2017-03-12 00:45 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00000000 ___HC C:\Windows\system32\Drivers\Msft_Kernel_NuidFltr_01011.Wdf
2017-03-12 00:45 - 2012-03-14 05:00 - 00385024 ____C (CANON INC.) C:\Windows\system32\CNMLMAD.DLL
2017-03-12 00:44 - 2017-03-12 00:44 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-03-12 00:44 - 2017-03-12 00:44 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2017-03-12 00:44 - 2017-03-12 00:44 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2017-03-12 00:44 - 2017-03-12 00:44 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2017-03-12 00:44 - 2017-03-12 00:44 - 00000000 ___HC C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2017-03-12 00:44 - 2012-08-24 01:08 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2017-03-12 00:41 - 2017-03-12 00:45 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-03-12 00:41 - 2017-03-12 00:45 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2017-03-12 00:40 - 2017-03-12 00:43 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2017-03-12 00:40 - 2017-03-12 00:43 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2017-03-12 00:40 - 2017-03-12 00:41 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-11 20:26 - 2017-03-11 20:26 - 00027846 ____C C:\Users\Jim\Desktop\Addition-2nd time.txt
2017-03-11 18:13 - 2017-03-13 12:46 - 00000982 ____C C:\Users\Jim\Desktop\Fixlog.txt
2017-03-11 18:13 - 2017-03-13 11:27 - 00000000 ___DC C:\Users\Jim\Desktop\FRST-OlderVersion
2017-03-09 21:56 - 2017-03-13 08:07 - 00000467 ____C C:\VEW.txt
2017-03-09 21:55 - 2017-03-09 21:54 - 00061440 ____C ( ) C:\Users\Jim\Desktop\VEW.exe
2017-03-09 21:54 - 2017-03-09 21:54 - 00000000 ___DC C:\Users\Jim\AppData\Local\VirtualStore
2017-03-09 21:23 - 2017-03-09 21:23 - 00000207 ____C C:\Windows\tweaking.com-regbackup-OWNER-PC-Windows-7-Home-Premium-(64-bit).dat
2017-03-09 21:23 - 2017-03-09 21:23 - 00000000 ___DC C:\RegBackup
2017-03-09 19:33 - 2017-03-09 19:33 - 00003650 ____C C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2017-03-09 19:33 - 2017-03-09 19:33 - 00002170 ____C C:\Users\Jim\Desktop\Tweaking.com - Windows Repair.lnk
2017-03-09 19:33 - 2017-03-09 19:33 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2017-03-09 19:33 - 2017-03-09 19:33 - 00000000 ___DC C:\Program Files (x86)\Tweaking.com
2017-03-09 19:31 - 2017-03-09 19:33 - 00190904 ____C C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2017-03-09 19:28 - 2017-03-09 19:27 - 32823032 ____C (Tweaking.com) C:\Users\Jim\Desktop\tweaking.com_windows_repair_aio_setup.exe
2017-03-09 19:16 - 2017-03-11 17:28 - 00000000 ___DC C:\Program Files (x86)\SpeedFan
2017-03-09 19:16 - 2017-03-09 19:16 - 00001018 ____C C:\Users\Jim\Desktop\SpeedFan.lnk
2017-03-09 19:16 - 2017-03-09 19:16 - 00000045 ____C C:\Windows\SysWOW64\initdebug.nfo
2017-03-09 19:16 - 2017-03-09 19:16 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2017-03-09 19:15 - 2017-03-09 19:13 - 03086696 ____C C:\Users\Jim\Desktop\instspeedfan452 (1).exe
2017-03-08 23:34 - 2017-03-11 20:44 - 00079091 ____C C:\Users\Jim\Desktop\OWNER-PC.txt
2017-03-08 23:32 - 2017-03-08 23:32 - 00000803 ____C C:\Users\Public\Desktop\Speccy.lnk
2017-03-08 23:32 - 2017-03-08 23:32 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-03-08 23:32 - 2017-03-08 23:32 - 00000000 ___DC C:\Program Files\Speccy
2017-03-08 23:31 - 2017-03-08 23:27 - 06293184 ____C (Piriform Ltd) C:\Users\Jim\Desktop\spsetup130.exe
2017-03-08 23:06 - 2017-03-08 23:06 - 00007616 ____C C:\junk.txt
2017-03-08 22:58 - 2017-03-08 22:58 - 00009213 ____C C:\Users\Jim\Desktop\System Idle Process.txt
2017-03-08 22:53 - 2017-03-08 22:52 - 02710688 ____C (Sysinternals - www.sysinternals.com) C:\Users\Jim\Desktop\procexp.exe
2017-03-05 11:58 - 2017-03-13 13:04 - 00016343 ____C C:\Users\Jim\Desktop\FRST.txt
2017-03-05 11:58 - 2017-03-05 12:16 - 00033895 ____C C:\Users\Jim\Desktop\Addition - 1st Time.txt
2017-03-05 11:57 - 2017-03-13 13:03 - 00000000 ___DC C:\FRST
2017-03-05 11:56 - 2017-03-13 11:27 - 02424832 ____C (Farbar) C:\Users\Jim\Desktop\FRST64.exe
2017-03-05 07:48 - 2017-03-05 07:48 - 00000000 __RDC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures - Shortcut
2017-03-05 07:35 - 2017-03-05 07:57 - 00000000 ___DC C:\Program Files (x86)\Adobe
2017-03-01 23:26 - 2017-03-01 23:26 - 00000000 ___DC C:\Windows\pss
2017-02-23 21:59 - 2017-02-23 22:17 - 00001941 ___HC C:\Windows\EPMBatch.ept
2017-02-23 21:35 - 2017-02-23 21:35 - 00003508 ____C C:\Windows\System32\Tasks\WinZipBackGroundToolsTask
2017-02-23 21:35 - 2017-02-23 21:35 - 00003396 ____C C:\Windows\System32\Tasks\WinZip Update Notifier
2017-02-23 21:35 - 2017-02-23 21:35 - 00002347 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00002324 ____C C:\ProgramData\Microsoft\Windows\Start Menu\WinZip Background Tools.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00002294 ____C C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00002288 ____C C:\Users\Public\Desktop\WinZip.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 21.0
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\Users\Jim\AppData\Local\WinZip
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\ProgramData\WinZip
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.0
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\Program Files\WinZip
2017-02-23 21:33 - 2017-02-23 21:33 - 00000000 ___DC C:\Program Files (x86)\EaseUS
2017-02-23 19:53 - 2017-02-23 19:53 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Acronis
2017-02-23 14:48 - 2017-02-23 21:44 - 00007627 ____C C:\Users\Jim\AppData\Local\Resmon.ResmonCfg
2017-02-22 13:39 - 2017-02-22 13:39 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-11 21:31 - 2017-02-11 21:31 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-02-11 21:31 - 2017-02-11 21:31 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-02-11 13:12 - 2017-02-11 21:32 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2017-02-11 13:12 - 2017-02-11 21:32 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2017-02-11 13:12 - 2017-02-11 21:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2017-02-11 13:12 - 2017-02-11 21:31 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-02-11 13:12 - 2017-02-11 21:31 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2017-02-11 13:12 - 2017-02-11 21:31 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-02-11 13:12 - 2017-02-11 21:30 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2017-02-11 13:12 - 2017-02-11 21:30 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2017-02-11 13:12 - 2017-02-11 21:30 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2017-02-11 13:11 - 2017-02-11 21:29 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-02-11 13:11 - 2017-02-11 21:28 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-02-11 13:11 - 2017-02-11 21:25 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-02-11 13:11 - 2017-02-11 21:25 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-02-11 13:10 - 2017-02-11 21:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-02-11 13:10 - 2017-02-11 21:28 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-02-11 13:10 - 2017-02-11 21:28 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-02-11 13:10 - 2017-02-11 21:28 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-02-11 13:10 - 2017-02-11 21:28 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-02-11 13:10 - 2017-02-11 21:28 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-02-11 13:10 - 2017-02-11 21:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-02-11 13:10 - 2017-02-11 21:28 - 00419648 _____ C:\Windows\system32\locale.nls
2017-02-11 13:10 - 2017-02-11 21:28 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-02-11 13:10 - 2017-02-11 21:28 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-02-11 13:10 - 2017-02-11 21:28 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-02-11 13:10 - 2017-02-11 21:25 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-02-11 13:10 - 2017-02-11 21:25 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-02-11 13:09 - 2017-02-11 21:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-02-11 13:09 - 2017-02-11 21:28 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-02-11 13:09 - 2017-02-11 21:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2017-02-11 13:09 - 2017-02-11 21:25 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2017-02-11 13:09 - 2017-02-11 21:25 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2017-02-11 13:09 - 2015-12-09 06:07 - 01393152 ____C (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2017-02-11 13:09 - 2015-12-09 06:07 - 00378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2017-02-11 13:09 - 2015-12-09 05:54 - 00116736 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2017-02-11 13:09 - 2015-12-09 05:12 - 00230400 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2017-02-11 13:09 - 2015-12-09 05:11 - 00005632 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2017-02-11 11:22 - 2017-02-11 21:25 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2017-02-11 11:22 - 2017-02-11 21:25 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2017-02-11 11:22 - 2017-02-11 21:25 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-03-13 12:57 - 2012-07-09 19:55 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2017-03-13 12:56 - 2009-07-14 15:45 - 00028944 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-13 12:56 - 2009-07-14 15:45 - 00028944 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-13 12:52 - 2009-07-14 16:13 - 00781298 ____C C:\Windows\system32\PerfStringBackup.INI
2017-03-13 12:52 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\inf
2017-03-13 12:48 - 2012-07-03 17:18 - 00000000 ___DC C:\ProgramData\NVIDIA
2017-03-13 12:48 - 2009-07-14 16:08 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2017-03-13 03:01 - 2013-05-24 23:34 - 00757692 ____C C:\Windows\SysWOW64\PerfStringBackup.INI
2017-03-12 16:21 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\rescache
2017-03-12 15:56 - 2009-07-14 16:08 - 00032600 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-12 14:26 - 2013-09-01 14:05 - 00000000 ___DC C:\Temp
2017-03-12 14:18 - 2017-02-09 00:34 - 00000000 ___DC C:\ProgramData\Avg
2017-03-12 14:14 - 2012-07-07 10:37 - 00000000 ___DC C:\ProgramData\MFAData
2017-03-12 01:24 - 2009-07-14 15:45 - 00352528 ____C C:\Windows\system32\FNTCACHE.DAT
2017-03-12 00:52 - 2014-12-12 21:44 - 00000000 ___DC C:\Windows\system32\appraiser
2017-03-12 00:52 - 2014-05-07 04:00 - 00000000 __SDC C:\Windows\system32\CompatTel
2017-03-12 00:52 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\PolicyDefinitions
2017-03-11 18:13 - 2013-07-03 22:18 - 00000000 ___DC C:\Windows\System32\Tasks\Games
2017-03-11 18:06 - 2013-07-03 23:05 - 00000000 ___DC C:\Program Files (x86)\Java
2017-03-11 17:13 - 2012-07-10 20:12 - 00091256 ____C C:\Users\Jim\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-09 21:35 - 2009-07-14 13:34 - 00000439 ____C C:\Windows\win.ini
2017-03-09 20:59 - 2012-07-09 19:55 - 00000000 __RDC C:\Users\Jim
2017-03-08 23:02 - 2012-05-31 17:28 - 00001294 ____C C:\Users\Public\Desktop\Windows Recovery Activation.lnk
2017-03-06 18:17 - 2009-07-14 16:09 - 00000000 ___DC C:\Windows\System32\Tasks\WPD
2017-03-06 01:01 - 2009-07-14 15:57 - 00001547 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-03-05 11:21 - 2013-07-19 22:57 - 00000000 ___DC C:\ProgramData\CanonIJPLM
2017-03-05 07:58 - 2012-07-03 14:49 - 00000000 ___DC C:\Windows\SysWOW64\Macromed
2017-03-05 07:58 - 2012-07-03 14:49 - 00000000 ___DC C:\Windows\system32\Macromed
2017-03-05 07:35 - 2012-09-08 21:46 - 00000000 ___DC C:\ProgramData\Adobe
2017-03-01 23:31 - 2012-07-07 10:29 - 00000000 ___DC C:\ProgramData\Yahoo!
2017-03-01 23:31 - 2012-07-07 10:28 - 00000000 ___DC C:\Program Files (x86)\Yahoo!
2017-03-01 23:30 - 2009-07-14 13:34 - 00000826 ____C C:\Windows\system32\Drivers\etc\hosts_bak_521
2017-03-01 23:26 - 2012-12-29 21:09 - 00000000 ___DC C:\Users\Jim\AppData\Local\ElevatedDiagnostics
2017-02-28 16:27 - 2012-06-01 11:13 - 00000000 ___DC C:\Windows\Panther
2017-02-25 01:49 - 2013-08-16 02:04 - 00000000 ___DC C:\Windows\system32\MRT
2017-02-25 01:48 - 2012-07-10 01:06 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 23:27 - 2012-07-10 20:33 - 00000000 ___DC C:\Users\Jim\AppData\Local\Microsoft Games
2017-02-23 19:53 - 2012-07-08 23:53 - 00001222 ____C C:\Users\Public\Desktop\Acronis True Image Home 2010.lnk
2017-02-22 13:39 - 2014-12-13 20:36 - 00002151 ____C C:\Users\Public\Desktop\Google Earth.lnk
2017-02-22 13:39 - 2014-12-13 20:35 - 00000000 ___DC C:\Program Files (x86)\Google
2017-02-22 07:28 - 2012-07-09 20:04 - 00000000 ___DC C:\Users\Jim\AppData\Local\Google
2017-02-12 08:42 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\SysWOW64\Dism
2017-02-12 08:42 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\system32\Dism
2017-02-11 21:28 - 2015-05-15 19:55 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-02-11 21:28 - 2015-01-14 19:02 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-02-11 21:25 - 2017-02-09 01:17 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-02-11 21:25 - 2017-02-09 01:17 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-02-11 21:25 - 2017-02-09 01:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-02-11 11:15 - 2012-08-04 11:28 - 00000000 ___DC C:\Program Files\Microsoft Silverlight
2017-02-11 11:15 - 2012-08-04 11:28 - 00000000 ___DC C:\Program Files (x86)\Microsoft Silverlight
2017-02-11 01:13 - 2017-02-09 18:52 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-02-11 01:13 - 2017-02-09 18:52 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-02-11 01:13 - 2017-02-09 18:52 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-02-11 01:13 - 2017-02-09 18:52 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:02 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-02-11 01:12 - 2017-02-10 18:02 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-02-11 01:12 - 2017-02-10 18:02 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-02-11 01:12 - 2017-02-10 18:02 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-02-11 01:12 - 2017-02-10 18:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-02-11 01:12 - 2017-02-10 18:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-02-11 01:12 - 2017-02-10 18:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-02-11 01:12 - 2017-02-10 18:02 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2017-02-11 01:06 - 2017-02-09 18:52 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-02-11 01:06 - 2017-02-09 18:52 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-02-11 01:06 - 2017-02-09 18:52 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-02-11 01:06 - 2017-02-09 18:52 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-02-11 01:06 - 2017-02-09 18:52 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-02-11 01:05 - 2017-02-10 18:07 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-02-11 01:05 - 2017-02-10 18:07 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2017-02-11 01:05 - 2017-02-09 01:17 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2017-02-11 01:05 - 2017-02-09 01:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2017-02-11 01:05 - 2017-02-09 01:17 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-02-11 01:04 - 2017-02-10 18:02 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-02-11 01:04 - 2017-02-10 18:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-02-11 01:04 - 2017-02-10 18:02 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2017-02-11 01:04 - 2017-02-09 01:17 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-02-11 01:04 - 2017-02-09 01:17 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-02-11 01:03 - 2017-02-10 18:07 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-02-11 01:03 - 2017-02-10 18:07 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-02-11 01:03 - 2017-02-10 18:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2017-02-11 01:03 - 2017-02-10 18:02 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2017-02-11 01:03 - 2017-02-10 18:02 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2017-02-11 01:03 - 2017-02-10 18:02 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2017-02-11 01:03 - 2017-02-10 18:02 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2017-02-11 01:03 - 2017-02-10 18:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2017-02-11 01:03 - 2017-02-10 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2017-02-11 01:03 - 2012-08-04 11:28 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-11 01:02 - 2017-02-10 18:07 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-02-11 01:02 - 2017-02-10 18:07 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2017-02-11 01:02 - 2017-02-10 18:02 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-02-11 01:02 - 2017-02-10 18:02 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2017-02-11 01:02 - 2017-02-10 18:02 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2017-02-11 01:02 - 2017-02-10 18:02 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2017-02-11 01:02 - 2017-02-10 18:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2017-02-11 01:02 - 2017-02-10 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-02-11 01:01 - 2017-02-10 18:01 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-02-11 01:01 - 2017-02-10 18:01 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-02-11 01:01 - 2017-02-10 18:01 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-02-11 01:01 - 2017-02-10 18:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2017-02-11 01:01 - 2017-02-09 20:25 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-02-11 01:01 - 2017-02-09 20:25 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-02-11 01:01 - 2017-02-09 20:25 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-02-11 01:01 - 2017-02-09 20:25 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-02-11 01:01 - 2017-02-09 20:25 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-02-11 01:01 - 2017-02-09 20:25 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-02-11 01:00 - 2017-02-09 20:25 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
 
==================== Files in the root of some directories =======
 
2012-07-22 15:59 - 2012-07-22 15:59 - 0027520 ____C () C:\Users\Jim\AppData\Local\dt.dat
2017-02-23 14:48 - 2017-02-23 21:44 - 0007627 ____C () C:\Users\Jim\AppData\Local\Resmon.ResmonCfg
2012-05-31 17:33 - 2012-05-31 17:33 - 0000109 ____C () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-31 17:32 - 2012-05-31 17:33 - 0000106 ____C () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2012-05-31 17:31 - 2012-05-31 17:32 - 0000105 ____C () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-31 17:29 - 2012-05-31 17:31 - 0000106 ____C () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-31 17:33 - 2012-05-31 17:33 - 0000110 ____C () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2012-05-31 17:28 - 2012-05-31 17:29 - 0000107 ____C () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-03-12 16:13
 
==================== End of FRST.txt ============================

  • 0

#49
jimxx7

jimxx7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
Additional Logfile from FRST after bthport fix:
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2017
Ran by Jim (13-03-2017 13:04:17)
Running from C:\Users\Jim\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-03 03:17:07)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3716940813-2614047019-3014684930-500 - Administrator - Disabled)
Guest (S-1-5-21-3716940813-2614047019-3014684930-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3716940813-2614047019-3014684930-1008 - Limited - Enabled)
Jim (S-1-5-21-3716940813-2614047019-3014684930-1006 - Administrator - Enabled) => C:\Users\Jim
Owner (S-1-5-21-3716940813-2614047019-3014684930-1002 - Administrator - Enabled) => C:\Users\Owner
UpdatusUser (S-1-5-21-3716940813-2614047019-3014684930-1003 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Acronis True Image Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.7154 - Acronis)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2604 - CyberLink Corp.)
CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.4617 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3117 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2918 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1111 - CyberLink Corp.)
Digimax V (HKLM-x32\...\{FC483A2D-E281-4282-94F8-A4C2E7CCD687}) (Version:  - )
Digimax Viewer 2.0 (HKLM-x32\...\{9EE54C1F-FC99-44D6-916A-0CA2D45E740F}) (Version:  - )
Etron USB3.0 Host Controller (x32 Version: 0.105 - Etron Technology) Hidden
Flash Player Pro V5.4 (HKLM-x32\...\Flash Player Pro_is1) (Version:  - FlashPlayerPro.com)
G3 Manager (HKLM-x32\...\{8D9E93D2-049D-4E9D-B263-13216E20EF1F}) (Version: 1.00.0000 - )
G3 Manager (x32 Version: 1.00.0000 - DECA System) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
LightScribe System Software (HKLM-x32\...\{4A9849CA-E11C-4F24-8BB1-97C717A1C898}) (Version: 1.18.1.1 - LightScribe)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NavDesk 2009 (HKLM-x32\...\{F5F1B66A-F117-427C-98C7-D4732F49BEBF}) (Version: 6.20.211 - Navman Technologies NZ Ltd)
NVIDIA 3D Vision Controller Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.5.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0E}) (Version: 3.1.4.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6449 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.26 - Tweaking.com)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WhoCrashed 5.53 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
WinFast Multimedia Driver Installation  (HKLM-x32\...\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}) (Version:  - Multimedia)
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3716940813-2614047019-3014684930-1006_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {08DCD433-AAF9-4FD7-BA1D-AE07C1EF3A73} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-03-12] (AVAST Software)
Task: {49BAD779-C313-4870-8B91-DDDF58FD2628} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com)
Task: {711EB444-D5AF-41FB-861C-608E26CC732F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-09] (Google Inc.)
Task: {763CBF87-73CE-4B75-AF12-26C10BA5D7E1} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe 
Task: {92AAF49D-8B76-4D55-BC07-79FE0E27287A} - System32\Tasks\SafeZone scheduled Autoupdate 1489289195 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)
Task: {9BDC1E02-C8CC-4911-AC9B-CAB731431538} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-09] (Google Inc.)
Task: {E12638C1-0E7A-4791-A9E4-C87A251E85BA} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-02-13] (WinZip)
Task: {ECBD2950-D34E-4A40-A776-53CDFB487D4D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-12] (AVAST Software)
Task: {F6FF76A7-C9C3-4BE0-B6EB-DCF21C2E49DD} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2017-02-13] (WinZip Computing, S.L.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Public\Desktop\Windows Recovery Activation.lnk -> C:\Windows\oem\boottore.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2012-07-03 17:18 - 2013-06-21 21:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-07-19 23:03 - 2010-04-06 06:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-05-31 17:31 - 2009-07-17 18:13 - 00244904 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-03-12 14:25 - 2017-03-12 14:25 - 00162600 ____C () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2013-03-31 01:52 - 2003-03-20 11:53 - 00626688 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STImgBrowser.exe
2017-02-08 23:13 - 2017-02-01 20:47 - 02459992 ____C () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-08 23:13 - 2017-02-01 20:47 - 00099672 ____C () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-03-12 14:25 - 2017-03-12 14:25 - 00170216 ____C () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-13 03:19 - 2017-03-13 03:19 - 05883392 ____C () C:\Program Files\AVAST Software\Avast\defs\17031200\algo.dll
2017-03-12 14:25 - 2017-03-12 14:25 - 00655056 ____C () C:\Program Files\AVAST Software\Avast\ffl2.dll
2009-01-27 22:37 - 2009-01-27 22:37 - 02023424 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-01-27 22:37 - 2009-01-27 22:37 - 07331840 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-01-27 22:37 - 2009-01-27 22:37 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-03-31 01:52 - 1998-11-20 18:44 - 00051712 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stwa.dll
2013-03-31 01:52 - 2003-01-22 21:21 - 00253952 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\impexp97.dll
2013-03-31 01:52 - 1999-07-05 19:07 - 00223232 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stwablt.dll
2013-03-31 01:52 - 1996-11-14 11:26 - 00079872 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STXFORM.dll
2013-03-31 01:52 - 1999-04-27 11:22 - 00107520 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stfrg.dll
2013-03-31 01:52 - 1999-09-20 21:12 - 00133632 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stapi.dll
2012-05-31 17:28 - 2007-04-10 16:01 - 08357424 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll
2009-04-30 12:05 - 2009-04-30 12:05 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-04-30 12:08 - 2009-04-30 12:08 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2017-03-12 14:25 - 2017-03-12 14:25 - 48936448 ____C () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-12 14:25 - 2017-03-12 14:25 - 00290352 ____C () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 13:34 - 2017-03-09 21:35 - 00000855 ___AC C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 61.9.195.193 - 61.9.194.49
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: EaseUS Cleanup => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\CleanUpUI.exe" 10 300
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\EpmNews.exe
MSCONFIG\startupreg: EaseUS EPM Tray Agent => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\TrayPopupE\TrayTipAgentE.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{3FDD206B-70EF-42DC-BF05-FB68BEE467F4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{83AD98D0-C0DC-4526-B4E8-E36788D6C101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8C8D588B-631E-406C-9C69-613C726A3280}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{FFBFFE18-2552-4021-B8E7-C106E254F5D2}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{853F05DD-CB0A-40A9-BB68-9B597D2AC73C}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{0BFC4093-7021-451F-8547-EFB9AD1F072E}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{A209B7FF-CF96-4491-AB6F-9B877B8C41F3}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{1C0DFD0E-26A3-48F0-B7B6-0A3126836062}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{19D29B2A-4450-4591-B92A-BA100A7E6778}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{AAF34BC1-5095-47F0-8BD4-C0DCB3B4A812}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{9CB0DF80-9AB7-4FF6-B7CC-A878B4098F9F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{0AE3CED2-1BD4-4CD5-8940-B5A265D1D94E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7B4AD209-9201-4C9E-8035-5BF515C45DF1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6B8ADDFB-8329-4925-B55D-C7BE94BC5607}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{B878C2F8-4675-4661-94C7-19816DA19034}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{995AB49C-B5EC-4BC8-BEE0-14E6FC800291}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{B1DFFE23-5147-42CF-AA8C-3E640C013FB2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{8760E483-EBE7-433B-8759-C6218D8575D8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{63CA2404-B5ED-448A-A7F8-9331422BF559}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{538B1B5B-46C8-48A8-AA62-F8EA4D1872DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DDCE4C52-5116-47C2-8F2C-A817D288B509}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E60BD84B-1DAD-4688-B6C3-DF322E7A5FAD}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{E53A7628-43EE-4DB8-9AAC-6C4E6260A3DA}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/13/2017 12:57:10 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: PresentationFramework, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020
 
 
System errors:
=============
Error: (03/13/2017 12:46:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
 
 
CodeIntegrity:
===================================
  Date: 2017-03-13 12:48:35.258
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\bthport.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-03-13 12:48:35.208
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\bthport.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 16%
Total physical RAM: 16365.53 MB
Available physical RAM: 13721.26 MB
Total Virtual: 65458.71 MB
Available Virtual: 62599.32 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:219.86 GB) (Free:122.41 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1341.76 GB) NTFS
Drive e: (WinRE) (Fixed) (Total:7.81 GB) (Free:3.05 GB) NTFS
Drive l: (Elements) (Fixed) (Total:931.48 GB) (Free:188.4 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: B8B5477E)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 15415647)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=219.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 93486964)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

#50
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

fix failed.  My fault.  I left out a colon.  Let's try again.

 


  • 0

#51
jimxx7

jimxx7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
 
FRST log after bthport fix - attempt 2.
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-03-2017
Ran by Jim (13-03-2017 14:19:59) Run:4
Running from C:\Users\Jim\Desktop
Loaded Profiles: UpdatusUser & Jim (Available Profiles: Owner & UpdatusUser & Jim)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
replace: C:\Windows\System32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\bthport.sys C:\windows\system32\drivers\bthport.sys
CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
reboot:
 
 
 
*****************
 
C:\windows\system32\drivers\bthport.sys => moved successfully
C:\Windows\System32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\bthport.sys copied successfully to C:\windows\system32\drivers\bthport.sys
 
========= for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" =========
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 14:20:07 ====

  • 0

#52
jimxx7

jimxx7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

FRST Scan after bthport fix - take 2....

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2017
Ran by Jim (administrator) on OWNER-PC (13-03-2017 14:47:12)
Running from C:\Users\Jim\Desktop
Loaded Profiles: UpdatusUser & Jim (Available Profiles: Owner & UpdatusUser & Jim)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STImgBrowser.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-04] (NVIDIA Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2489456 2010-12-17] (VIA)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [681256 2008-10-17] (CyberLink Corporation.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-04-30] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2009-04-29] (cyberlink)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [210216 2009-05-25] (CyberLink Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-12] (AVAST Software)
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2387968 2009-01-27] (Hewlett-Packard Company)
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-12] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digimax Viewer 2.0.lnk [2013-03-31]
ShortcutTarget: Digimax Viewer 2.0.lnk -> C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STImgBrowser.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2017-02-23]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-02-23]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
BootExecute: autocheck autochk /p \??\L:autocheck autochk * 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 61.9.195.193 61.9.194.49
Tcpip\..\Interfaces\{BE7DBD9A-8CF5-45EE-BB99-67C2A1D540BB}: [DhcpNameServer] 61.9.195.193 61.9.194.49
 
Internet Explorer:
==================
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ninemsn.com.au/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-12] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-12] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
 
FireFox:
========
FF HKU\S-1-5-21-3716940813-2614047019-3014684930-1003\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\ReboundAlert\Firefox => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-09] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://isearch.avg.com?cid={420897B4-3090-4DA6-99C7-C4E35DF91734}&mid=cc1113bef9de47d091f4bd2b2bf863fe-10f8a1089b69b7ac31401cb1135c3307a3e569fa&lang=&ds=&coid=&cmpid=&pr=&d=&v=18.1.9.799&pid=avg&sg=&sap=hp"
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default [2017-03-13]
CHR Extension: (Google Search) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Avast Online Security) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-12] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-12] (AVAST Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-06] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-01-27] (Hewlett-Packard Company) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-17] () [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2010-12-14] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [1345664 2010-10-13] (NXP Semiconductors Germany GmbH)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2012-07-20] (Google Inc)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-12] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-12] (AVAST Software)
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2008-10-14] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [371696 2008-10-14] (CyberLink Corporation.)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-04-16] (CyberLink Corp.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-03-13 14:36 - 2017-03-13 14:36 - 00000000 ___DC C:\ProgramData\SWCUTemp
2017-03-13 11:30 - 2017-03-13 11:30 - 00001589 ____C C:\Users\Jim\Desktop\Search.txt
2017-03-12 14:46 - 2017-03-13 03:00 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-03-12 14:46 - 2017-03-13 03:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-03-12 14:42 - 2017-03-12 14:48 - 00000000 ___DC C:\AVG_Remover
2017-03-12 14:26 - 2017-03-12 14:41 - 00003892 ____C C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1489289195
2017-03-12 14:26 - 2017-03-12 14:26 - 00032088 ____C (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-12 14:26 - 2017-03-12 14:26 - 00001050 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-12 14:25 - 2017-03-13 03:01 - 00004172 ____C C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-12 14:25 - 2017-03-12 14:25 - 00993608 ____C (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00548928 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00398408 ____C (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-12 14:25 - 2017-03-12 14:25 - 00337592 ____C (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00334600 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00309272 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00189768 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00162528 ____C (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00126600 ____C (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00100640 ____C (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00075704 ____C (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00048528 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00038296 ____C (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-12 14:25 - 2017-03-12 14:25 - 00001929 ____C C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-03-12 14:25 - 2017-03-12 14:25 - 00000000 ___DC C:\Windows\System32\Tasks\AVAST Software
2017-03-12 14:25 - 2017-03-12 14:25 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\AVAST Software
2017-03-12 14:25 - 2017-03-12 14:25 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-03-12 14:25 - 2017-03-12 14:25 - 00000000 ___DC C:\Program Files\Common Files\AV
2017-03-12 14:24 - 2017-03-13 10:51 - 00000000 ___DC C:\ProgramData\AVAST Software
2017-03-12 14:24 - 2017-03-12 14:26 - 00000000 ___DC C:\Program Files\AVAST Software
2017-03-12 02:31 - 2017-03-12 02:33 - 00001010 ____C C:\Users\Jim\Desktop\WhoCrashed.lnk
2017-03-12 02:31 - 2017-03-12 02:33 - 00000000 ___DC C:\Program Files\WhoCrashed
2017-03-12 02:31 - 2017-03-12 02:31 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2017-03-12 02:30 - 2017-03-12 02:29 - 04958280 ____C (Resplendence Software Projects Sp. ) C:\Users\Jim\Desktop\whocrashedSetup.exe
2017-03-12 01:53 - 2017-03-13 13:04 - 00026484 ____C C:\Users\Jim\Desktop\Addition.txt
2017-03-12 00:46 - 2017-03-13 14:22 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Skype
2017-03-12 00:46 - 2017-03-12 00:46 - 00002697 ____C C:\Users\Public\Desktop\Skype.lnk
2017-03-12 00:46 - 2017-03-12 00:46 - 00000000 __RDC C:\Program Files (x86)\Skype
2017-03-12 00:46 - 2017-03-12 00:46 - 00000000 ___DC C:\Users\Jim\AppData\Local\Skype
2017-03-12 00:46 - 2017-03-12 00:46 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-12 00:45 - 2017-03-12 00:46 - 00000000 ___DC C:\ProgramData\Skype
2017-03-12 00:45 - 2017-03-12 00:45 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2017-03-12 00:45 - 2017-03-12 00:45 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00000000 ___HC C:\Windows\system32\Drivers\Msft_Kernel_NuidFltr_01011.Wdf
2017-03-12 00:45 - 2012-03-14 05:00 - 00385024 ____C (CANON INC.) C:\Windows\system32\CNMLMAD.DLL
2017-03-12 00:44 - 2017-03-12 00:44 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-03-12 00:44 - 2017-03-12 00:44 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2017-03-12 00:44 - 2017-03-12 00:44 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2017-03-12 00:44 - 2017-03-12 00:44 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2017-03-12 00:44 - 2017-03-12 00:44 - 00000000 ___HC C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2017-03-12 00:44 - 2012-08-24 01:08 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2017-03-12 00:41 - 2017-03-12 00:45 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-03-12 00:41 - 2017-03-12 00:45 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2017-03-12 00:40 - 2017-03-12 00:43 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2017-03-12 00:40 - 2017-03-12 00:43 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2017-03-12 00:40 - 2017-03-12 00:41 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-11 20:26 - 2017-03-11 20:26 - 00027846 ____C C:\Users\Jim\Desktop\Addition-2nd time.txt
2017-03-11 18:13 - 2017-03-13 14:20 - 00001012 ____C C:\Users\Jim\Desktop\Fixlog.txt
2017-03-11 18:13 - 2017-03-13 11:27 - 00000000 ___DC C:\Users\Jim\Desktop\FRST-OlderVersion
2017-03-09 21:56 - 2017-03-13 08:07 - 00000467 ____C C:\VEW.txt
2017-03-09 21:55 - 2017-03-09 21:54 - 00061440 ____C ( ) C:\Users\Jim\Desktop\VEW.exe
2017-03-09 21:54 - 2017-03-09 21:54 - 00000000 ___DC C:\Users\Jim\AppData\Local\VirtualStore
2017-03-09 21:23 - 2017-03-09 21:23 - 00000207 ____C C:\Windows\tweaking.com-regbackup-OWNER-PC-Windows-7-Home-Premium-(64-bit).dat
2017-03-09 21:23 - 2017-03-09 21:23 - 00000000 ___DC C:\RegBackup
2017-03-09 19:33 - 2017-03-09 19:33 - 00003650 ____C C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2017-03-09 19:33 - 2017-03-09 19:33 - 00002170 ____C C:\Users\Jim\Desktop\Tweaking.com - Windows Repair.lnk
2017-03-09 19:33 - 2017-03-09 19:33 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2017-03-09 19:33 - 2017-03-09 19:33 - 00000000 ___DC C:\Program Files (x86)\Tweaking.com
2017-03-09 19:31 - 2017-03-09 19:33 - 00190904 ____C C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2017-03-09 19:28 - 2017-03-09 19:27 - 32823032 ____C (Tweaking.com) C:\Users\Jim\Desktop\tweaking.com_windows_repair_aio_setup.exe
2017-03-09 19:16 - 2017-03-11 17:28 - 00000000 ___DC C:\Program Files (x86)\SpeedFan
2017-03-09 19:16 - 2017-03-09 19:16 - 00001018 ____C C:\Users\Jim\Desktop\SpeedFan.lnk
2017-03-09 19:16 - 2017-03-09 19:16 - 00000045 ____C C:\Windows\SysWOW64\initdebug.nfo
2017-03-09 19:16 - 2017-03-09 19:16 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2017-03-09 19:15 - 2017-03-09 19:13 - 03086696 ____C C:\Users\Jim\Desktop\instspeedfan452 (1).exe
2017-03-08 23:34 - 2017-03-11 20:44 - 00079091 ____C C:\Users\Jim\Desktop\OWNER-PC.txt
2017-03-08 23:32 - 2017-03-08 23:32 - 00000803 ____C C:\Users\Public\Desktop\Speccy.lnk
2017-03-08 23:32 - 2017-03-08 23:32 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-03-08 23:32 - 2017-03-08 23:32 - 00000000 ___DC C:\Program Files\Speccy
2017-03-08 23:31 - 2017-03-08 23:27 - 06293184 ____C (Piriform Ltd) C:\Users\Jim\Desktop\spsetup130.exe
2017-03-08 23:06 - 2017-03-08 23:06 - 00007616 ____C C:\junk.txt
2017-03-08 22:58 - 2017-03-08 22:58 - 00009213 ____C C:\Users\Jim\Desktop\System Idle Process.txt
2017-03-08 22:53 - 2017-03-08 22:52 - 02710688 ____C (Sysinternals - www.sysinternals.com) C:\Users\Jim\Desktop\procexp.exe
2017-03-05 11:58 - 2017-03-13 14:47 - 00016081 ____C C:\Users\Jim\Desktop\FRST.txt
2017-03-05 11:58 - 2017-03-05 12:16 - 00033895 ____C C:\Users\Jim\Desktop\Addition - 1st Time.txt
2017-03-05 11:57 - 2017-03-13 14:47 - 00000000 ___DC C:\FRST
2017-03-05 11:56 - 2017-03-13 11:27 - 02424832 ____C (Farbar) C:\Users\Jim\Desktop\FRST64.exe
2017-03-05 07:48 - 2017-03-05 07:48 - 00000000 __RDC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures - Shortcut
2017-03-05 07:35 - 2017-03-05 07:57 - 00000000 ___DC C:\Program Files (x86)\Adobe
2017-03-01 23:26 - 2017-03-01 23:26 - 00000000 ___DC C:\Windows\pss
2017-02-23 21:59 - 2017-02-23 22:17 - 00001941 ___HC C:\Windows\EPMBatch.ept
2017-02-23 21:35 - 2017-02-23 21:35 - 00003508 ____C C:\Windows\System32\Tasks\WinZipBackGroundToolsTask
2017-02-23 21:35 - 2017-02-23 21:35 - 00003396 ____C C:\Windows\System32\Tasks\WinZip Update Notifier
2017-02-23 21:35 - 2017-02-23 21:35 - 00002347 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00002324 ____C C:\ProgramData\Microsoft\Windows\Start Menu\WinZip Background Tools.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00002294 ____C C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00002288 ____C C:\Users\Public\Desktop\WinZip.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 21.0
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\Users\Jim\AppData\Local\WinZip
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\ProgramData\WinZip
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.0
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\Program Files\WinZip
2017-02-23 21:33 - 2017-02-23 21:33 - 00000000 ___DC C:\Program Files (x86)\EaseUS
2017-02-23 19:53 - 2017-02-23 19:53 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Acronis
2017-02-23 14:48 - 2017-02-23 21:44 - 00007627 ____C C:\Users\Jim\AppData\Local\Resmon.ResmonCfg
2017-02-22 13:39 - 2017-02-22 13:39 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-11 21:31 - 2017-02-11 21:31 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-02-11 21:31 - 2017-02-11 21:31 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-02-11 13:12 - 2017-02-11 21:32 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2017-02-11 13:12 - 2017-02-11 21:32 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2017-02-11 13:12 - 2017-02-11 21:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2017-02-11 13:12 - 2017-02-11 21:31 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-02-11 13:12 - 2017-02-11 21:31 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2017-02-11 13:12 - 2017-02-11 21:31 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-02-11 13:12 - 2017-02-11 21:30 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2017-02-11 13:12 - 2017-02-11 21:30 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2017-02-11 13:12 - 2017-02-11 21:30 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2017-02-11 13:11 - 2017-02-11 21:29 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-02-11 13:11 - 2017-02-11 21:28 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-02-11 13:11 - 2017-02-11 21:25 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-02-11 13:11 - 2017-02-11 21:25 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-02-11 13:10 - 2017-02-11 21:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-02-11 13:10 - 2017-02-11 21:28 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-02-11 13:10 - 2017-02-11 21:28 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-02-11 13:10 - 2017-02-11 21:28 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-02-11 13:10 - 2017-02-11 21:28 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-02-11 13:10 - 2017-02-11 21:28 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-02-11 13:10 - 2017-02-11 21:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-02-11 13:10 - 2017-02-11 21:28 - 00419648 _____ C:\Windows\system32\locale.nls
2017-02-11 13:10 - 2017-02-11 21:28 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-02-11 13:10 - 2017-02-11 21:28 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-02-11 13:10 - 2017-02-11 21:28 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-02-11 13:10 - 2017-02-11 21:25 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-02-11 13:10 - 2017-02-11 21:25 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-02-11 13:09 - 2017-02-11 21:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-02-11 13:09 - 2017-02-11 21:28 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-02-11 13:09 - 2017-02-11 21:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2017-02-11 13:09 - 2017-02-11 21:25 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2017-02-11 13:09 - 2017-02-11 21:25 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2017-02-11 13:09 - 2015-12-09 06:07 - 01393152 ____C (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2017-02-11 13:09 - 2015-12-09 06:07 - 00378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2017-02-11 13:09 - 2015-12-09 05:54 - 00116736 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2017-02-11 13:09 - 2015-12-09 05:12 - 00230400 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2017-02-11 13:09 - 2015-12-09 05:11 - 00005632 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2017-02-11 11:22 - 2017-02-11 21:25 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2017-02-11 11:22 - 2017-02-11 21:25 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2017-02-11 11:22 - 2017-02-11 21:25 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-03-13 14:29 - 2009-07-14 15:45 - 00028944 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-13 14:29 - 2009-07-14 15:45 - 00028944 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-13 14:26 - 2009-07-14 16:13 - 00781298 ____C C:\Windows\system32\PerfStringBackup.INI
2017-03-13 14:26 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\inf
2017-03-13 14:22 - 2012-07-09 19:55 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2017-03-13 14:21 - 2012-07-03 17:18 - 00000000 ___DC C:\ProgramData\NVIDIA
2017-03-13 14:21 - 2009-07-14 16:08 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2017-03-13 03:01 - 2013-05-24 23:34 - 00757692 ____C C:\Windows\SysWOW64\PerfStringBackup.INI
2017-03-12 16:21 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\rescache
2017-03-12 15:56 - 2009-07-14 16:08 - 00032600 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-12 14:26 - 2013-09-01 14:05 - 00000000 ___DC C:\Temp
2017-03-12 14:18 - 2017-02-09 00:34 - 00000000 ___DC C:\ProgramData\Avg
2017-03-12 14:14 - 2012-07-07 10:37 - 00000000 ___DC C:\ProgramData\MFAData
2017-03-12 01:24 - 2009-07-14 15:45 - 00352528 ____C C:\Windows\system32\FNTCACHE.DAT
2017-03-12 00:52 - 2014-12-12 21:44 - 00000000 ___DC C:\Windows\system32\appraiser
2017-03-12 00:52 - 2014-05-07 04:00 - 00000000 __SDC C:\Windows\system32\CompatTel
2017-03-12 00:52 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\PolicyDefinitions
2017-03-11 18:13 - 2013-07-03 22:18 - 00000000 ___DC C:\Windows\System32\Tasks\Games
2017-03-11 18:06 - 2013-07-03 23:05 - 00000000 ___DC C:\Program Files (x86)\Java
2017-03-11 17:13 - 2012-07-10 20:12 - 00091256 ____C C:\Users\Jim\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-09 21:35 - 2009-07-14 13:34 - 00000439 ____C C:\Windows\win.ini
2017-03-09 20:59 - 2012-07-09 19:55 - 00000000 __RDC C:\Users\Jim
2017-03-08 23:02 - 2012-05-31 17:28 - 00001294 ____C C:\Users\Public\Desktop\Windows Recovery Activation.lnk
2017-03-06 18:17 - 2009-07-14 16:09 - 00000000 ___DC C:\Windows\System32\Tasks\WPD
2017-03-06 01:01 - 2009-07-14 15:57 - 00001547 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-03-05 11:21 - 2013-07-19 22:57 - 00000000 ___DC C:\ProgramData\CanonIJPLM
2017-03-05 07:58 - 2012-07-03 14:49 - 00000000 ___DC C:\Windows\SysWOW64\Macromed
2017-03-05 07:58 - 2012-07-03 14:49 - 00000000 ___DC C:\Windows\system32\Macromed
2017-03-05 07:35 - 2012-09-08 21:46 - 00000000 ___DC C:\ProgramData\Adobe
2017-03-01 23:31 - 2012-07-07 10:29 - 00000000 ___DC C:\ProgramData\Yahoo!
2017-03-01 23:31 - 2012-07-07 10:28 - 00000000 ___DC C:\Program Files (x86)\Yahoo!
2017-03-01 23:30 - 2009-07-14 13:34 - 00000826 ____C C:\Windows\system32\Drivers\etc\hosts_bak_521
2017-03-01 23:26 - 2012-12-29 21:09 - 00000000 ___DC C:\Users\Jim\AppData\Local\ElevatedDiagnostics
2017-02-28 16:27 - 2012-06-01 11:13 - 00000000 ___DC C:\Windows\Panther
2017-02-25 01:49 - 2013-08-16 02:04 - 00000000 ___DC C:\Windows\system32\MRT
2017-02-25 01:48 - 2012-07-10 01:06 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 23:27 - 2012-07-10 20:33 - 00000000 ___DC C:\Users\Jim\AppData\Local\Microsoft Games
2017-02-23 19:53 - 2012-07-08 23:53 - 00001222 ____C C:\Users\Public\Desktop\Acronis True Image Home 2010.lnk
2017-02-22 13:39 - 2014-12-13 20:36 - 00002151 ____C C:\Users\Public\Desktop\Google Earth.lnk
2017-02-22 13:39 - 2014-12-13 20:35 - 00000000 ___DC C:\Program Files (x86)\Google
2017-02-22 07:28 - 2012-07-09 20:04 - 00000000 ___DC C:\Users\Jim\AppData\Local\Google
2017-02-12 08:42 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\SysWOW64\Dism
2017-02-12 08:42 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\system32\Dism
2017-02-11 21:28 - 2015-05-15 19:55 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-02-11 21:28 - 2015-01-14 19:02 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-02-11 21:25 - 2017-02-09 01:17 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-02-11 21:25 - 2017-02-09 01:17 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-02-11 21:25 - 2017-02-09 01:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-02-11 11:15 - 2012-08-04 11:28 - 00000000 ___DC C:\Program Files\Microsoft Silverlight
2017-02-11 11:15 - 2012-08-04 11:28 - 00000000 ___DC C:\Program Files (x86)\Microsoft Silverlight
2017-02-11 01:13 - 2017-02-09 18:52 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-02-11 01:13 - 2017-02-09 18:52 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-02-11 01:13 - 2017-02-09 18:52 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-02-11 01:13 - 2017-02-09 18:52 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-02-11 01:12 - 2017-02-10 18:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-02-11 01:12 - 2017-02-10 18:02 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-02-11 01:12 - 2017-02-10 18:02 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-02-11 01:12 - 2017-02-10 18:02 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-02-11 01:12 - 2017-02-10 18:02 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-02-11 01:12 - 2017-02-10 18:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-02-11 01:12 - 2017-02-10 18:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-02-11 01:12 - 2017-02-10 18:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-02-11 01:12 - 2017-02-10 18:02 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2017-02-11 01:06 - 2017-02-09 18:52 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-02-11 01:06 - 2017-02-09 18:52 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-02-11 01:06 - 2017-02-09 18:52 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-02-11 01:06 - 2017-02-09 18:52 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-02-11 01:06 - 2017-02-09 18:52 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-02-11 01:05 - 2017-02-10 18:07 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-02-11 01:05 - 2017-02-10 18:07 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2017-02-11 01:05 - 2017-02-09 01:17 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2017-02-11 01:05 - 2017-02-09 01:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2017-02-11 01:05 - 2017-02-09 01:17 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-02-11 01:04 - 2017-02-10 18:02 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-02-11 01:04 - 2017-02-10 18:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2017-02-11 01:04 - 2017-02-10 18:02 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-02-11 01:04 - 2017-02-10 18:02 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2017-02-11 01:04 - 2017-02-09 01:17 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-02-11 01:04 - 2017-02-09 01:17 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-02-11 01:03 - 2017-02-10 18:07 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-02-11 01:03 - 2017-02-10 18:07 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-02-11 01:03 - 2017-02-10 18:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2017-02-11 01:03 - 2017-02-10 18:02 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2017-02-11 01:03 - 2017-02-10 18:02 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2017-02-11 01:03 - 2017-02-10 18:02 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2017-02-11 01:03 - 2017-02-10 18:02 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2017-02-11 01:03 - 2017-02-10 18:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2017-02-11 01:03 - 2017-02-10 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2017-02-11 01:03 - 2012-08-04 11:28 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-11 01:02 - 2017-02-10 18:07 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-02-11 01:02 - 2017-02-10 18:07 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2017-02-11 01:02 - 2017-02-10 18:02 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-02-11 01:02 - 2017-02-10 18:02 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2017-02-11 01:02 - 2017-02-10 18:02 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2017-02-11 01:02 - 2017-02-10 18:02 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2017-02-11 01:02 - 2017-02-10 18:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2017-02-11 01:02 - 2017-02-10 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-02-11 01:01 - 2017-02-10 18:01 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-02-11 01:01 - 2017-02-10 18:01 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-02-11 01:01 - 2017-02-10 18:01 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-02-11 01:01 - 2017-02-10 18:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2017-02-11 01:01 - 2017-02-10 18:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2017-02-11 01:01 - 2017-02-09 20:25 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-02-11 01:01 - 2017-02-09 20:25 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-02-11 01:01 - 2017-02-09 20:25 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-02-11 01:01 - 2017-02-09 20:25 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-02-11 01:01 - 2017-02-09 20:25 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-02-11 01:01 - 2017-02-09 20:25 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-02-11 01:00 - 2017-02-09 20:25 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
 
==================== Files in the root of some directories =======
 
2012-07-22 15:59 - 2012-07-22 15:59 - 0027520 ____C () C:\Users\Jim\AppData\Local\dt.dat
2017-02-23 14:48 - 2017-02-23 21:44 - 0007627 ____C () C:\Users\Jim\AppData\Local\Resmon.ResmonCfg
2012-05-31 17:33 - 2012-05-31 17:33 - 0000109 ____C () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-31 17:32 - 2012-05-31 17:33 - 0000106 ____C () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2012-05-31 17:31 - 2012-05-31 17:32 - 0000105 ____C () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-31 17:29 - 2012-05-31 17:31 - 0000106 ____C () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-31 17:33 - 2012-05-31 17:33 - 0000110 ____C () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2012-05-31 17:28 - 2012-05-31 17:29 - 0000107 ____C () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-03-12 16:13
 
==================== End of FRST.txt ============================

  • 0

#53
jimxx7

jimxx7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

Additional Logfile after bthport fix take 2....

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2017
Ran by Jim (13-03-2017 14:47:29)
Running from C:\Users\Jim\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-03 03:17:07)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3716940813-2614047019-3014684930-500 - Administrator - Disabled)
Guest (S-1-5-21-3716940813-2614047019-3014684930-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3716940813-2614047019-3014684930-1008 - Limited - Enabled)
Jim (S-1-5-21-3716940813-2614047019-3014684930-1006 - Administrator - Enabled) => C:\Users\Jim
Owner (S-1-5-21-3716940813-2614047019-3014684930-1002 - Administrator - Enabled) => C:\Users\Owner
UpdatusUser (S-1-5-21-3716940813-2614047019-3014684930-1003 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Acronis True Image Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.7154 - Acronis)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2604 - CyberLink Corp.)
CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.4617 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3117 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2918 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1111 - CyberLink Corp.)
Digimax V (HKLM-x32\...\{FC483A2D-E281-4282-94F8-A4C2E7CCD687}) (Version:  - )
Digimax Viewer 2.0 (HKLM-x32\...\{9EE54C1F-FC99-44D6-916A-0CA2D45E740F}) (Version:  - )
Etron USB3.0 Host Controller (x32 Version: 0.105 - Etron Technology) Hidden
Flash Player Pro V5.4 (HKLM-x32\...\Flash Player Pro_is1) (Version:  - FlashPlayerPro.com)
G3 Manager (HKLM-x32\...\{8D9E93D2-049D-4E9D-B263-13216E20EF1F}) (Version: 1.00.0000 - )
G3 Manager (x32 Version: 1.00.0000 - DECA System) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
LightScribe System Software (HKLM-x32\...\{4A9849CA-E11C-4F24-8BB1-97C717A1C898}) (Version: 1.18.1.1 - LightScribe)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NavDesk 2009 (HKLM-x32\...\{F5F1B66A-F117-427C-98C7-D4732F49BEBF}) (Version: 6.20.211 - Navman Technologies NZ Ltd)
NVIDIA 3D Vision Controller Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.5.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0E}) (Version: 3.1.4.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6449 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.26 - Tweaking.com)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WhoCrashed 5.53 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
WinFast Multimedia Driver Installation  (HKLM-x32\...\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}) (Version:  - Multimedia)
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3716940813-2614047019-3014684930-1006_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {08DCD433-AAF9-4FD7-BA1D-AE07C1EF3A73} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-03-12] (AVAST Software)
Task: {49BAD779-C313-4870-8B91-DDDF58FD2628} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com)
Task: {711EB444-D5AF-41FB-861C-608E26CC732F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-09] (Google Inc.)
Task: {763CBF87-73CE-4B75-AF12-26C10BA5D7E1} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe 
Task: {92AAF49D-8B76-4D55-BC07-79FE0E27287A} - System32\Tasks\SafeZone scheduled Autoupdate 1489289195 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)
Task: {9BDC1E02-C8CC-4911-AC9B-CAB731431538} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-09] (Google Inc.)
Task: {E12638C1-0E7A-4791-A9E4-C87A251E85BA} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-02-13] (WinZip)
Task: {ECBD2950-D34E-4A40-A776-53CDFB487D4D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-12] (AVAST Software)
Task: {F6FF76A7-C9C3-4BE0-B6EB-DCF21C2E49DD} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2017-02-13] (WinZip Computing, S.L.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Public\Desktop\Windows Recovery Activation.lnk -> C:\Windows\oem\boottore.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2012-07-03 17:18 - 2013-06-21 21:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-07-19 23:03 - 2010-04-06 06:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-05-31 17:31 - 2009-07-17 18:13 - 00244904 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-03-12 14:25 - 2017-03-12 14:25 - 00162600 ____C () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-03-12 14:25 - 2017-03-12 14:25 - 00792656 ____C () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2013-03-31 01:52 - 2003-03-20 11:53 - 00626688 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STImgBrowser.exe
2017-02-08 23:13 - 2017-02-01 20:47 - 02459992 ____C () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-08 23:13 - 2017-02-01 20:47 - 00099672 ____C () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-03-12 14:25 - 2017-03-12 14:25 - 00170216 ____C () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-13 03:19 - 2017-03-13 03:19 - 05883392 ____C () C:\Program Files\AVAST Software\Avast\defs\17031200\algo.dll
2017-03-12 14:25 - 2017-03-12 14:25 - 00655056 ____C () C:\Program Files\AVAST Software\Avast\ffl2.dll
2009-01-27 22:37 - 2009-01-27 22:37 - 02023424 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-01-27 22:37 - 2009-01-27 22:37 - 07331840 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-01-27 22:37 - 2009-01-27 22:37 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-03-31 01:52 - 1998-11-20 18:44 - 00051712 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stwa.dll
2013-03-31 01:52 - 2003-01-22 21:21 - 00253952 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\impexp97.dll
2013-03-31 01:52 - 1999-07-05 19:07 - 00223232 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stwablt.dll
2013-03-31 01:52 - 1996-11-14 11:26 - 00079872 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STXFORM.dll
2013-03-31 01:52 - 1999-04-27 11:22 - 00107520 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stfrg.dll
2013-03-31 01:52 - 1999-09-20 21:12 - 00133632 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stapi.dll
2012-05-31 17:28 - 2007-04-10 16:01 - 08357424 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll
2009-04-30 12:05 - 2009-04-30 12:05 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-04-30 12:08 - 2009-04-30 12:08 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2017-03-12 14:25 - 2017-03-12 14:25 - 48936448 ____C () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-12 14:25 - 2017-03-12 14:25 - 00290352 ____C () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 13:34 - 2017-03-09 21:35 - 00000855 ___AC C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 61.9.195.193 - 61.9.194.49
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: EaseUS Cleanup => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\CleanUpUI.exe" 10 300
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\EpmNews.exe
MSCONFIG\startupreg: EaseUS EPM Tray Agent => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\TrayPopupE\TrayTipAgentE.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{3FDD206B-70EF-42DC-BF05-FB68BEE467F4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{83AD98D0-C0DC-4526-B4E8-E36788D6C101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8C8D588B-631E-406C-9C69-613C726A3280}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{FFBFFE18-2552-4021-B8E7-C106E254F5D2}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{853F05DD-CB0A-40A9-BB68-9B597D2AC73C}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{0BFC4093-7021-451F-8547-EFB9AD1F072E}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{A209B7FF-CF96-4491-AB6F-9B877B8C41F3}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{1C0DFD0E-26A3-48F0-B7B6-0A3126836062}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{19D29B2A-4450-4591-B92A-BA100A7E6778}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{AAF34BC1-5095-47F0-8BD4-C0DCB3B4A812}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{9CB0DF80-9AB7-4FF6-B7CC-A878B4098F9F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{0AE3CED2-1BD4-4CD5-8940-B5A265D1D94E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7B4AD209-9201-4C9E-8035-5BF515C45DF1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6B8ADDFB-8329-4925-B55D-C7BE94BC5607}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{B878C2F8-4675-4661-94C7-19816DA19034}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{995AB49C-B5EC-4BC8-BEE0-14E6FC800291}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{B1DFFE23-5147-42CF-AA8C-3E640C013FB2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{8760E483-EBE7-433B-8759-C6218D8575D8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{63CA2404-B5ED-448A-A7F8-9331422BF559}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{538B1B5B-46C8-48A8-AA62-F8EA4D1872DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DDCE4C52-5116-47C2-8F2C-A817D288B509}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E60BD84B-1DAD-4688-B6C3-DF322E7A5FAD}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{E53A7628-43EE-4DB8-9AAC-6C4E6260A3DA}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (03/13/2017 02:20:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 16%
Total physical RAM: 16365.53 MB
Available physical RAM: 13688.42 MB
Total Virtual: 65458.71 MB
Available Virtual: 62497.4 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:219.86 GB) (Free:122.41 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1341.76 GB) NTFS
Drive e: (WinRE) (Fixed) (Total:7.81 GB) (Free:3.05 GB) NTFS
Drive l: (Elements) (Fixed) (Total:931.48 GB) (Free:188.4 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: B8B5477E)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 15415647)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=219.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 93486964)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

#54
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

That fix worked.  Odd thing is that the bthport.sys files is no longer being loaded in the driver list.  Probably because you switched to the wired mouse.  

 

Have you had any more crashes since you changed the pagefile?  If so try who crashed again and see if it sees anything.

 

I notice you have an old Nvidia driver from 2010  There was a new one just released this month.  You might want to try it:

 

http://www.nvidia.co...px/115886/en-us

 

GEFORCE GAME READY DRIVER
 
Version: 378.78  WHQL
Release Date: 2017.3.9
Operating System: Windows 7 64-bit, Windows 8.1 64-bit, Windows 8 64-bit
Language: English (US)
File Size: 380.22 MB

  • 0

#55
jimxx7

jimxx7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

Downloaded the new Graphics Driver..

it didn't come up clean. Had to eventually swap the two monitor cables to the reverse ports - l put the primary to secondary port and vise visa. to eventually get the primary screen working and then they both came up.

very strange.

maybe the cards got crossed over when the new drivers loaded. anyway - its working now.

 

Checked the Who's Crashed.... same as previous - no valid crash data available


  • 0

Advertisements


#56
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

I assume that means you still have the crashes.

 

The remaining error is related to AMD/ATI Graphics.  I assume that's on your PC because it's built in to your motherboard.  

 

If you search for

 

device manager

and hit Enter then look under Display Adapters (hit the arrow in front of it to open )

Do you see anything besides your two nvidia cards?  Right click on any non Nvidia entry and disable.

 

Also search for

services.msc

 

and hit Enter.  

 

See if you can find AMD External Events Utility.  Right click on it and select Properties then change the Startup Type: to Disabled  OK

 

Repeat for 

AMD FUEL Service (if it's there).

 

 
Right click on Computer and select Manage. Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 

Run VEW again as before:

2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 

How often do you get your crashes?  Is there somethign you can do to make it crash?  Does it reboot when it crashes or just hang?  

 

You can try searching for

 

msconfig

and hit Enter.  Then Go to Services tab and click on the box to hide Microsoft Services then uncheck

everything that remains except Avast related programs.  Go to Startup tab and uncheck everything except Avast related programs.  OK and
reboot.
 
Does it still crash?

  • 0

#57
jimxx7

jimxx7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
 

On Device Manager there was nothing else under Display Adapters except for the two nvidia cards

 

Under Services Disabled AMD External Events Utility.  

AMD FUEL Service did NOT exist

 

Windows Logs cleared
 
after reboot
 
====================================================================
 
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 14/03/2017 9:34:41 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 13/03/2017 10:15:03 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 13/03/2017 10:15:17 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
 
 
=============================================================
 
 
 
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 14/03/2017 9:35:59 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 13/03/2017 10:15:05 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-3716940813-2614047019-3014684930-1006:
Process 1692 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3716940813-2614047019-3014684930-1006
 
=======================================================

  • 0

#58
jimxx7

jimxx7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

The mouse freezing is a lot less frequent.


  • 0

#59
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

But still happening I guess.

 

What it sounds like is something is using too much CPU.  Right click on the clock and select  Start Task manager then minimize it.

 

Click on the up arrow to the left of the icons by the clock and select Customize.  Find Windows Task Manager and make sure it says Show Icons and Notifications.

 

You should now see a little box as one of the icons near the task manager.  The box will fill with green if the CPU gets busy.  Next time the mouse freezes, see if the box is completely full of green.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP