Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
Ran by Devorah (administrator) on DEVORAH (13-05-2017 22:22:20)
Running from C:\Users\Devorah\Downloads
Loaded Profiles: Devorah (Available Profiles: Devorah)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TssSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corp.) C:\Users\Devorah\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3354856 2015-09-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [914648 2014-03-05] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830104 2014-01-14] (Conexant Systems, Inc.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-04] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-07] (AVAST Software)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516976 2015-06-09] (TOSHIBA)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2016-12-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKU\S-1-5-21-2793964199-3270143034-3335033632-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2793964199-3270143034-3335033632-1001\...\Run: [OffCAT] => C:\Users\Devorah\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe [365440 2016-08-01] (Microsoft Corp.)
HKU\S-1-5-21-2793964199-3270143034-3335033632-1001\...\Run: [Google Update] => C:\Users\Devorah\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-27] (Google Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-07] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-07] (AVAST Software)
Startup: C:\Users\Devorah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-02-29]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{a86188d9-ff6a-4f18-8bc5-c91c08adb27c}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{bf1d40d8-231f-4641-a13e-357353647536}: [DhcpNameServer] 192.168.254.254
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2793964199-3270143034-3335033632-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://
www.google.com/
HKU\S-1-5-21-2793964199-3270143034-3335033632-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-26] (Microsoft Corporation)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2013-09-02] ()
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-26] (Microsoft Corporation)
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKU\S-1-5-21-2793964199-3270143034-3335033632-1001 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
FireFox:
========
FF DefaultProfile: owp196v8.default
FF ProfilePath: C:\Users\Devorah\AppData\Roaming\Mozilla\Firefox\Profiles\owp196v8.default [2017-05-10]
FF Homepage: Mozilla\Firefox\Profiles\owp196v8.default -> hxxps://
www.google.com/
FF Extension: (Rainbow) - C:\Users\Devorah\AppData\Roaming\Mozilla\Firefox\Profiles\owp196v8.default\Extensions\rainbow@colors.org.xpi [2016-05-01]
FF Extension: (Avast SafePrice) - C:\Users\Devorah\AppData\Roaming\Mozilla\Firefox\Profiles\owp196v8.default\Extensions\sp@avast.com.xpi [2017-05-07]
FF Extension: (Avast Online Security) - C:\Users\Devorah\AppData\Roaming\Mozilla\Firefox\Profiles\owp196v8.default\Extensions\wrc@avast.com.xpi [2017-05-07]
FF Extension: (Html Validator) - C:\Users\Devorah\AppData\Roaming\Mozilla\Firefox\Profiles\owp196v8.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2016-07-03]
FF Extension: (Web Developer) - C:\Users\Devorah\AppData\Roaming\Mozilla\Firefox\Profiles\owp196v8.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2017-04-25]
FF ProfilePath: C:\Users\Devorah\AppData\Roaming\KompoZer\Profiles\088ojtvc.default [2017-01-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2793964199-3270143034-3335033632-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Devorah\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-2793964199-3270143034-3335033632-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Devorah\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Devorah\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-03-29] (Cisco WebEx LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://
www.msn.com/?pc=Z192&install_date=20110819
CHR StartupUrls: Default -> "hxxps://
www.google.com/"
CHR Profile: C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default [2017-05-13]
CHR Extension: (Google Slides) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Google Docs) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (MeasureIt!) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\aonjhmdcgbgikgjapjckfkefpphjpgma [2015-04-22]
CHR Extension: (Google Drive) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Web Developer) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-02-16]
CHR Extension: (ColorZilla) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2016-12-24]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-05-11]
CHR Extension: (YouTube) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Solitaire) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim [2016-12-15]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2016-01-07]
CHR Extension: (Google Search) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (BuiltWith Technology Profiler) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn [2017-04-03]
CHR Extension: (Facebook Color & Background Changer) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dheljpcbhldkdiabdemaflamgfnbpnkd [2016-02-25]
CHR Extension: (MaskMe) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2015-04-22]
CHR Extension: (MozBar) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2017-02-21]
CHR Extension: (Click to activate or deactivate on current page.) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\enibedkmbpadhfofcgjcphipflcbpelf [2017-03-09]
CHR Extension: (Google Sheets) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Caret) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\fljalecfjciodhpcledpamjachpmelml [2017-03-05]
CHR Extension: (HTTPS Everywhere) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2017-05-13]
CHR Extension: (Google Docs Offline) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (AdBlock) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-14]
CHR Extension: (Pinterest Save Button) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-04-21]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2017-05-12]
CHR Extension: (Eye Dropper) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2016-10-05]
CHR Extension: (Google Keep - notes and lists) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-05-09]
CHR Extension: (Web Developer Checklist) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\iahamcpedabephpcgkeikbclmaljebjp [2015-08-01]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2015-04-22]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2017-05-03]
CHR Extension: (Clearly) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2015-06-12]
CHR Extension: (WhatFont) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-05-06]
CHR Extension: (Pocket Website) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2015-04-22]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-04-18]
CHR Extension: (Cache Killer) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfbieopdmepaolggioebjmedmclkbap [2017-03-12]
CHR Extension: (Ballloon for Chrome) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmligehjhghebleanjcmenomghmcohn [2016-04-04]
CHR Extension: (Bookmark Checker) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnboppjpcdnckcklbmjmdahfkpmgglec [2017-04-12]
CHR Extension: (Clean Google Calendar) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\magodclodecbbnbdfpmoehfdddkhlfmm [2017-04-30]
CHR Extension: (Text) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmfbcljfglbokpmkimbfghdkjmjhdgbg [2017-04-30]
CHR Extension: (Popup my Bookmarks) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppflflkbbafeopeoeigkbbdjdbeifni [2017-04-07]
CHR Extension: (Save to Pocket) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-04-24]
CHR Extension: (YSlow) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ninejjcohidippngpapiilnmkgllmakh [2015-04-22]
CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2015-04-22]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2017-05-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (SEO for Chrome) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj [2015-04-22]
CHR Extension: (SEO SERP) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoaoaloeipdofknnaapbmdddddioklg [2015-04-22]
CHR Extension: (Stylebot) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiaejidbmkiecgbjeifoejpgmdaleoha [2015-08-01]
CHR Extension: (Check My Links) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2015-10-21]
CHR Extension: (Rollip - Photo Effects) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooikhmcdpofogemaldinihdhidaokcmp [2015-04-22]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole [2015-05-06]
CHR Extension: (Minimalist Markdown Editor) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pghodfjepegmciihfhdipmimghiakcjf [2016-12-01]
CHR Extension: (Psykopaint) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-04-22]
CHR Extension: (Gmail) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR Extension: (Chrome Media Router) - C:\Users\Devorah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
Opera:
=======
OPR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Devorah\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2017-03-20]
OPR Extension: (Web Developer) - C:\Users\Devorah\AppData\Roaming\Opera Software\Opera Stable\Extensions\kddhmaadmaklcieonhggddempagbakph [2017-03-20]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-07] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-07] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation)
R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19960 2015-05-27] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-09-16] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-25] (WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373752 2016-12-02] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation)
S3 wpscloudsvr; C:\Users\Devorah\AppData\Local\Kingsoft\WPS Office\wpscloudsvr.exe [173824 2016-12-27] (Zhuhai Kingsoft Office Software Co.,Ltd)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-07] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-07] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-07] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-07] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-07] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-07] (AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [40016 2015-12-21] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-03-17] (REALiX(tm))
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-12] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-13 21:56 - 2017-05-13 21:56 - 00000106 _____ C:\Users\Devorah\Desktop\Shirat Devorah- Rabbi Meir Baal HaNess - Master of the Miracle.url
2017-05-13 06:02 - 2017-05-13 06:02 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-12 19:30 - 2017-05-12 19:30 - 03172839 _____ C:\Users\Devorah\Desktop\All About Energy (002).pdf
2017-05-12 12:59 - 2017-05-12 12:59 - 00034027 _____ C:\Users\Devorah\Downloads\eBayISAPI.gz
2017-05-12 08:19 - 2017-05-12 08:19 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\54A55C56.sys
2017-05-12 08:14 - 2017-05-12 08:15 - 04102600 _____ C:\Users\Devorah\Downloads\adwcleaner_6.046.exe
2017-05-12 07:44 - 2017-05-12 08:23 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-12 07:44 - 2017-05-12 07:44 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-12 07:44 - 2017-05-12 07:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-12 07:44 - 2017-05-12 07:44 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-12 07:35 - 2017-05-12 07:43 - 63035592 _____ (Malwarebytes ) C:\Users\Devorah\Downloads\mb3-setup-consumer-3.1.2.1733.exe
2017-05-12 06:27 - 2017-05-12 06:27 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-05-11 21:08 - 2017-05-11 22:43 - 00000000 ____D C:\ProgramData\RogueKiller
2017-05-11 21:08 - 2017-05-11 21:08 - 00000910 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-05-11 21:08 - 2017-05-11 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-05-11 21:08 - 2017-05-11 21:08 - 00000000 ____D C:\Program Files\RogueKiller
2017-05-11 13:56 - 2017-05-11 13:56 - 00000080 _____ C:\Users\Devorah\Desktop\Subacute Thyroiditis Treatment & Management- Approach Considerations, Pharmacologic Therapy, Monitoring.url
2017-05-11 12:23 - 2017-05-11 12:23 - 00000096 _____ C:\Users\Devorah\Desktop\Virus and Malware Removal - TechSpot Forums.url
2017-05-11 10:41 - 2017-05-11 11:44 - 35366512 _____ (Adlice Software ) C:\Users\Devorah\Desktop\RogueKiller_setup.exe
2017-05-11 09:41 - 2017-05-11 09:41 - 00116966 _____ C:\Users\Devorah\Desktop\FRST.txt
2017-05-11 09:41 - 2017-05-11 09:41 - 00042478 _____ C:\Users\Devorah\Desktop\Addition.txt
2017-05-11 09:37 - 2017-05-11 09:40 - 00042475 _____ C:\Users\Devorah\Downloads\Addition.txt
2017-05-11 09:35 - 2017-05-13 22:23 - 00027175 _____ C:\Users\Devorah\Downloads\FRST.txt
2017-05-11 09:34 - 2017-05-13 22:22 - 00000000 ____D C:\FRST
2017-05-11 09:33 - 2017-05-11 09:34 - 02429440 _____ (Farbar) C:\Users\Devorah\Downloads\FRST64.exe
2017-05-11 07:54 - 2017-05-11 07:54 - 00000145 _____ C:\Users\Devorah\Desktop\UPDATED 4-Step Viruses-Spyware-Malware Removal Preliminary Instructions - TechSpot Forums.url
2017-05-10 19:15 - 2017-05-10 19:15 - 00000081 _____ C:\Users\Devorah\Desktop\How to Use Windows 10 - Guide for Beginners & Power Users.url
2017-05-10 17:28 - 2017-04-27 20:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-10 17:28 - 2017-04-27 19:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 17:28 - 2017-04-27 19:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-10 17:28 - 2017-04-27 19:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 17:28 - 2017-04-27 19:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-10 17:28 - 2017-04-27 19:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-10 17:28 - 2017-04-27 19:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 17:28 - 2017-04-27 19:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-10 17:28 - 2017-04-27 19:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 17:28 - 2017-04-27 19:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-10 17:28 - 2017-04-27 19:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-10 17:28 - 2017-04-27 19:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-10 17:28 - 2017-04-27 19:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-10 17:28 - 2017-04-27 19:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 17:28 - 2017-04-27 19:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-10 17:28 - 2017-04-27 19:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 17:28 - 2017-04-27 19:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-10 17:28 - 2017-04-27 19:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-10 17:28 - 2017-04-27 19:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 17:28 - 2017-04-27 19:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 17:28 - 2017-04-27 19:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 17:28 - 2017-04-27 19:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 17:28 - 2017-04-27 19:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-10 17:28 - 2017-04-27 19:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 17:28 - 2017-04-27 19:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-10 17:28 - 2017-04-27 19:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-10 17:28 - 2017-04-27 19:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-10 17:28 - 2017-04-27 19:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 17:28 - 2017-04-27 19:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-10 17:28 - 2017-04-27 19:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 17:28 - 2017-04-27 19:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 17:28 - 2017-04-27 19:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-10 17:28 - 2017-04-27 19:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 17:28 - 2017-04-27 19:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-10 17:28 - 2017-04-27 19:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 17:28 - 2017-04-27 19:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-10 17:28 - 2017-04-27 19:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-10 17:28 - 2017-04-27 19:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 17:28 - 2017-04-27 19:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 17:28 - 2017-04-27 19:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-10 17:28 - 2017-04-27 19:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-10 17:28 - 2017-04-27 19:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-10 17:28 - 2017-04-27 19:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-10 17:28 - 2017-04-27 19:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-10 17:28 - 2017-04-27 19:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 17:28 - 2017-04-27 19:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-10 17:28 - 2017-04-27 19:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-10 17:28 - 2017-04-27 19:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-10 17:28 - 2017-04-27 19:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-10 17:28 - 2017-04-27 19:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-10 17:28 - 2017-04-27 19:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-10 17:28 - 2017-04-27 19:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-10 17:28 - 2017-04-27 19:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 17:28 - 2017-04-27 18:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-10 17:28 - 2017-04-27 18:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 17:28 - 2017-04-27 18:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-10 17:28 - 2017-04-27 18:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-10 17:28 - 2017-04-27 18:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 17:28 - 2017-04-27 18:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-10 17:28 - 2017-04-27 18:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 17:28 - 2017-04-27 18:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-10 17:28 - 2017-04-27 18:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 17:28 - 2017-04-27 18:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-10 17:28 - 2017-04-27 18:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 17:28 - 2017-04-27 18:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 17:28 - 2017-04-27 18:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-10 17:28 - 2017-04-27 18:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-10 17:28 - 2017-04-27 18:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-10 17:28 - 2017-04-27 18:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-10 17:28 - 2017-04-27 18:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 17:28 - 2017-04-27 18:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-10 17:28 - 2017-04-27 18:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 17:28 - 2017-04-27 18:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 17:28 - 2017-04-27 18:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 17:28 - 2017-03-04 01:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-10 17:28 - 2017-03-04 01:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-10 17:28 - 2017-03-04 01:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-10 17:27 - 2017-04-27 19:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 17:27 - 2017-04-27 19:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 17:27 - 2017-04-27 19:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 17:27 - 2017-04-27 19:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 17:27 - 2017-04-27 19:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-10 17:27 - 2017-04-27 19:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 17:27 - 2017-04-27 19:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-10 17:27 - 2017-04-27 19:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-10 17:27 - 2017-04-27 19:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-10 17:27 - 2017-04-27 19:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 17:27 - 2017-04-27 19:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 17:27 - 2017-04-27 19:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-10 17:27 - 2017-04-27 19:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 17:27 - 2017-04-27 19:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-10 17:27 - 2017-04-27 19:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-10 17:27 - 2017-04-27 19:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-10 17:27 - 2017-04-27 19:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-10 17:27 - 2017-04-27 19:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-10 17:27 - 2017-04-27 19:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-10 17:27 - 2017-04-27 19:40 - 01202936 _____ (Microsoft Corporation)