Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-12-2015
Ran by Shayan Sharifiam (administrator) on MUFASA (25-12-2015 01:39:07)
Running from C:\Users\Shayan Sharifiam\Downloads
Loaded Profiles: UpdatusUser & Shayan Sharifiam (Available Profiles: UpdatusUser & Shayan Sharifiam)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
() C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\nis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\nis.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Flux Software LLC) C:\Users\Shayan Sharifiam\AppData\Local\FluxSoftware\Flux\flux.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Shayan Sharifiam\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Shayan Sharifiam\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794704 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3952800 2015-08-21] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-07-16] (cyberlink)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-31] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-12-09] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2153991328-1753666273-2171064705-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2153991328-1753666273-2171064705-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Shayan Sharifiam\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2153991328-1753666273-2171064705-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2153991328-1753666273-2171064705-1002\...\Run: [f.lux] => C:\Users\Shayan Sharifiam\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2153991328-1753666273-2171064705-1002\...\Policies\Explorer: []
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{138b5397-1f7f-4edc-9cbb-1650fffc7845}: [DhcpNameServer] 172.168.0.2
Tcpip\..\Interfaces\{6657b972-8c84-4825-acf8-a3433909295e}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-2153991328-1753666273-2171064705-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/hpnot13/1
HKU\S-1-5-21-2153991328-1753666273-2171064705-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-2153991328-1753666273-2171064705-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPNOT13/1
SearchScopes: HKLM -> {2AE5E987-3EA9-4FD0-B943-895D10AB1465} URL = hxxp://
www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {2AE5E987-3EA9-4FD0-B943-895D10AB1465} URL = hxxp://
www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2153991328-1753666273-2171064705-1002 -> {2AE5E987-3EA9-4FD0-B943-895D10AB1465} URL = hxxp://
www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2153991328-1753666273-2171064705-1002 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-2153991328-1753666273-2171064705-1002 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2153991328-1753666273-2171064705-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\IPS\IPSBHO.DLL => No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2153991328-1753666273-2171064705-1002 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-24] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2012-08-10] ( HP)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-11] ()
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon [2015-12-06] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon
Chrome:
=======
CHR Profile: C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-24]
CHR Extension: (Google Docs) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-24]
CHR Extension: (Google Drive) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (YouTube) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Norton Security Toolbar) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-10-07]
CHR Extension: (Google Search) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Website Logon) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegekclkdhbnfdcmomlpegkkndgnmfmo [2015-08-24]
CHR Extension: (Google Sheets) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-24]
CHR Extension: (Google Docs Offline) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21]
CHR Extension: (AdBlock) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-05]
CHR Extension: (Norton Identity Safe) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-08-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-24]
CHR Extension: (Gmail) - C:\Users\Shayan Sharifiam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-24]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-29]
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-07-12]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfws.exe [1587128 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244752 2012-07-16] (CyberLink)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-11-09] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\NIS.exe [282016 2015-11-20] (Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [247968 2015-08-21] (Synaptics Incorporated)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [97208 2015-08-29] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [306608 2015-10-08] (AVG Technologies CZ, s.r.o.)
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\BASHDefs\20151113.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605050.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-17] (Symantec Corporation)
U5 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [645952 2012-07-31] (Intel Corporation)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20151118.001\IDSvia64.sys [767224 2015-10-19] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151118.021\ENG64.SYS [138488 2015-10-26] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151118.021\EX64.SYS [2148080 2015-10-26] (Symantec Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44192 2015-08-21] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1605050.00F\SRTSP64.SYS [928496 2015-11-11] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1605050.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R3 SymEFASI; C:\Windows\system32\drivers\NISx64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-11] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1605050.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-31] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1605050.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1605050.00F\SYMNETS.SYS [577768 2015-11-11] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-25 01:39 - 2015-12-25 01:39 - 00027745 _____ C:\Users\Shayan Sharifiam\Downloads\FRST.txt
2015-12-25 01:39 - 2015-12-25 01:39 - 00000000 ____D C:\FRST
2015-12-25 01:38 - 2015-12-25 01:38 - 02370560 _____ (Farbar) C:\Users\Shayan Sharifiam\Downloads\FRST64.exe
2015-12-25 01:30 - 2015-12-25 01:33 - 567274406 _____ C:\Users\Shayan Sharifiam\Downloads\ApexConquer.rar
2015-12-18 19:26 - 2015-12-18 19:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-17 16:17 - 2015-12-06 22:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-17 16:17 - 2015-12-06 22:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-17 16:17 - 2015-12-06 22:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-17 16:17 - 2015-12-06 22:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-17 16:17 - 2015-12-06 22:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-17 16:17 - 2015-12-06 22:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-17 16:17 - 2015-12-06 22:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-17 16:17 - 2015-12-06 22:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-17 16:17 - 2015-12-06 22:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-17 16:17 - 2015-12-06 22:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-17 16:17 - 2015-12-06 22:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-17 16:17 - 2015-12-06 22:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-17 16:17 - 2015-12-06 22:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-17 16:17 - 2015-12-06 22:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-17 16:17 - 2015-12-06 22:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-17 16:17 - 2015-12-06 22:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-17 16:17 - 2015-12-06 22:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-17 16:17 - 2015-12-06 22:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-17 16:17 - 2015-12-06 22:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-17 16:17 - 2015-12-06 22:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-17 16:17 - 2015-12-06 22:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-17 16:17 - 2015-12-06 22:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-17 16:17 - 2015-12-06 22:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-17 16:17 - 2015-12-06 22:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-17 16:17 - 2015-12-06 22:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-17 16:17 - 2015-12-06 22:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-17 16:17 - 2015-12-06 22:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-17 16:17 - 2015-12-06 22:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-17 16:17 - 2015-12-06 22:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-17 16:17 - 2015-12-06 22:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-17 16:17 - 2015-12-06 22:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-17 16:17 - 2015-12-06 22:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-17 16:17 - 2015-12-06 22:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-17 16:17 - 2015-12-06 22:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-17 16:17 - 2015-12-06 22:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-17 16:17 - 2015-12-06 22:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-17 16:17 - 2015-12-06 22:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-17 16:17 - 2015-12-06 21:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-17 16:17 - 2015-12-06 21:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-17 16:17 - 2015-12-06 21:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-17 16:17 - 2015-12-06 21:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-17 16:17 - 2015-12-06 21:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-17 16:17 - 2015-12-06 21:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-17 16:17 - 2015-12-06 21:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-17 16:17 - 2015-12-06 21:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-17 16:17 - 2015-12-06 21:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-17 16:17 - 2015-12-06 21:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-17 16:17 - 2015-12-06 21:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-17 16:17 - 2015-12-06 21:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-17 16:17 - 2015-12-06 21:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-17 16:17 - 2015-12-06 21:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-17 16:17 - 2015-12-06 21:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-17 16:17 - 2015-12-06 21:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-17 16:17 - 2015-12-06 21:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-17 16:17 - 2015-12-06 21:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-17 16:17 - 2015-12-06 21:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-17 16:17 - 2015-12-06 21:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-17 16:17 - 2015-12-06 21:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-17 16:17 - 2015-12-06 21:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-17 16:17 - 2015-12-06 21:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-17 16:17 - 2015-12-06 21:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-17 16:17 - 2015-12-06 21:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-17 16:17 - 2015-12-06 21:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-17 16:17 - 2015-12-06 21:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-17 16:17 - 2015-12-06 21:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-17 16:17 - 2015-12-06 21:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-17 16:17 - 2015-12-06 21:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-17 16:17 - 2015-12-06 21:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-17 16:17 - 2015-12-06 21:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-17 16:17 - 2015-12-06 21:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-17 16:17 - 2015-12-06 21:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-17 16:17 - 2015-12-06 21:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-17 16:17 - 2015-12-06 21:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-17 16:17 - 2015-12-06 21:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-17 14:40 - 2015-12-17 14:40 - 00000000 ____D C:\Users\Shayan Sharifiam\AppData\Local\TempTaskUpdateDetection7CDDD239-C334-4665-9EB0-523207C2B9C5
2015-12-17 13:26 - 2015-12-17 13:26 - 00000000 ____D C:\Users\Shayan Sharifiam\AppData\Local\ActiveSync
2015-12-17 13:24 - 2015-12-17 13:24 - 00000020 ___SH C:\Users\Shayan Sharifiam\ntuser.ini
2015-12-17 05:58 - 2015-12-17 06:00 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-17 05:54 - 2015-12-17 05:55 - 00000000 ____D C:\Windows.old
2015-12-17 05:54 - 2015-12-17 05:54 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-17 05:54 - 2015-12-17 05:54 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-17 05:54 - 2015-12-17 05:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-17 05:54 - 2015-12-17 05:54 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-17 05:54 - 2015-12-17 05:54 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-17 05:54 - 2015-12-17 05:54 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-17 05:54 - 2015-12-17 05:54 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-17 05:54 - 2015-12-17 05:54 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-17 05:54 - 2015-12-17 05:54 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll