Inactive-A Startup Password

Status
Not open for further replies.
G

Glenny61

Wife had a chat with India yesterday....no money but startup locked.....Took a log.....
 

Attachments

  • FRST.txt
    60.6 KB · Views: 1
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==================================

In the future posts please observe forum rules.
All logs have to be pasted not attached.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by SYSTEM on MININT-DA49ME6 (22-03-2017 08:27:45)
Running from G:\
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool:

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2016-03-28] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\RunOnce: [RollbackOnline] => C:\$WINDOWS.~BT\Sources\SetupPlatform.exe [173760 2017-03-21] (Microsoft Corporation)
BootExecute: autocheck autochk *

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 TeamViewer; c:\users\user\appdata\local\temp\teamviewer\TeamViewer_Service.exe [6205680 2017-02-02] (TeamViewer GmbH) <==== ATTENTION
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24856 2017-03-03] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-07-01] (Glarysoft Ltd)
S1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-03-28] (REALiX(tm))
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-03-28] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-29] (Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-29] (Microsoft Corporation)
S3 DKbFltr; \SystemRoot\SysWOW64\Drivers\DKbFltr.sys [X]
S3 idsvc; no ImagePath
S3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-22 08:27 - 2017-03-22 08:27 - 00000000 ____D C:\FRST
2017-03-21 21:00 - 2017-03-21 22:22 - 00000000 _____ C:\Recovery.txt
2017-03-21 19:11 - 2017-03-21 20:17 - 00000000 ___HD C:\$Windows.~BT
2017-03-21 10:46 - 2017-03-21 10:46 - 08388608 ___SH C:\tmpgfile.sys
2017-03-21 03:53 - 2017-03-21 03:54 - 00000000 ____D C:\Program Files (x86)\ShowMyPCService
2017-03-21 03:53 - 2017-03-21 03:53 - 02468792 _____ C:\Users\User\Downloads\ShowMyPC3510.exe
2017-03-21 03:53 - 2017-03-21 03:53 - 00001441 _____ C:\Users\User\Desktop\ShowMyPC.lnk
2017-03-21 03:51 - 2017-03-21 03:51 - 00000000 ____D C:\Users\User\AppData\Roaming\TeamViewer
2017-03-21 03:49 - 2017-03-21 03:50 - 09802576 _____ (TeamViewer) C:\Users\User\Downloads\TeamViewerQS.exe
2017-03-14 18:47 - 2017-03-14 18:47 - 14705832 _____ (Adobe Systems Inc.) C:\Users\User\Downloads\Shockwave_Installer_Full (1).exe
2017-03-14 18:08 - 2017-03-14 18:10 - 16788752 _____ C:\Users\User\Downloads\Glary_Utilities_v5.71.0.92.exe
2017-03-14 18:05 - 2017-03-03 23:39 - 01862008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-03-14 18:05 - 2017-03-03 23:39 - 00602256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-03-14 18:05 - 2017-03-03 23:29 - 00535088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2017-03-14 18:05 - 2017-03-03 23:12 - 00987488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-03-14 18:05 - 2017-03-03 22:43 - 00306832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2017-03-14 18:05 - 2017-03-03 22:41 - 02180136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-03-14 18:05 - 2017-03-03 22:41 - 01118208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-03-14 18:05 - 2017-03-03 22:41 - 00980352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-03-14 18:05 - 2017-03-03 22:41 - 00895080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2017-03-14 18:05 - 2017-03-03 22:41 - 00701384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-03-14 18:05 - 2017-03-03 22:40 - 01349640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2017-03-14 18:05 - 2017-03-03 22:40 - 00925064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-03-14 18:05 - 2017-03-03 22:40 - 00713824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-03-14 18:05 - 2017-03-03 22:34 - 01824272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-03-14 18:05 - 2017-03-03 22:33 - 02942536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-14 18:05 - 2017-03-03 22:33 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-03-14 18:05 - 2017-03-03 22:30 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-03-14 18:05 - 2017-03-03 22:29 - 21123320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-03-14 18:05 - 2017-03-03 22:29 - 05240960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-03-14 18:05 - 2017-03-03 22:29 - 04075184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-03-14 18:05 - 2017-03-03 22:29 - 00836752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-03-14 18:05 - 2017-03-03 22:29 - 00569752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2017-03-14 18:05 - 2017-03-03 22:25 - 00268040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-03-14 18:05 - 2017-03-03 21:58 - 02186864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2017-03-14 18:05 - 2017-03-03 21:55 - 01370224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-14 18:05 - 2017-03-03 21:27 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-03-14 18:05 - 2017-03-03 21:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2017-03-14 18:05 - 2017-03-03 21:16 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-03-14 18:05 - 2017-03-03 21:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-03-14 18:05 - 2017-03-03 21:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-03-14 18:05 - 2017-03-03 21:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2017-03-14 18:05 - 2017-03-03 21:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2017-03-14 18:05 - 2017-03-03 21:03 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-03-14 18:05 - 2017-03-03 20:57 - 00938496 _____ (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2017-03-14 18:05 - 2017-03-03 20:57 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-03-14 18:05 - 2017-03-03 20:56 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2017-03-14 18:05 - 2017-03-03 20:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2017-03-14 18:05 - 2017-03-03 20:47 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-03-14 18:05 - 2017-03-03 20:45 - 00395776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2017-03-14 18:05 - 2017-03-03 20:45 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-03-14 18:05 - 2017-03-03 20:45 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-03-14 18:05 - 2017-03-03 20:42 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2017-03-14 18:05 - 2017-03-03 20:42 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2017-03-14 18:05 - 2017-03-03 20:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-03-14 18:05 - 2017-03-03 20:36 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-14 18:05 - 2017-03-03 20:33 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2017-03-14 18:05 - 2017-03-03 20:33 - 00616960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-03-14 18:05 - 2017-03-03 20:33 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2017-03-14 18:05 - 2017-03-03 20:33 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2017-03-14 18:05 - 2017-03-03 20:33 - 00337920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2017-03-14 18:05 - 2017-03-03 20:32 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-03-14 18:05 - 2017-03-03 20:32 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2017-03-14 18:05 - 2017-03-03 20:31 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-14 18:05 - 2017-03-03 20:31 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2017-03-14 18:05 - 2017-03-03 20:30 - 00501760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-14 18:05 - 2017-03-03 20:29 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2017-03-14 18:05 - 2017-03-03 20:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-03-14 18:05 - 2017-03-03 20:28 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2017-03-14 18:05 - 2017-03-03 20:27 - 00854528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-14 18:05 - 2017-03-03 20:26 - 01586176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-14 18:05 - 2017-03-03 20:26 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2017-03-14 18:05 - 2017-03-03 20:25 - 01117184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-03-14 18:05 - 2017-03-03 20:25 - 00705536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-03-14 18:05 - 2017-03-03 20:24 - 02578432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2017-03-14 18:05 - 2017-03-03 20:24 - 00885248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-14 18:05 - 2017-03-03 20:24 - 00805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2017-03-14 18:05 - 2017-03-03 20:24 - 00760320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-03-14 18:05 - 2017-03-03 20:23 - 01944576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-03-14 18:05 - 2017-03-03 20:22 - 03695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-03-14 18:05 - 2017-03-03 20:22 - 00460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2017-03-14 18:05 - 2017-03-03 20:21 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-03-14 18:05 - 2017-03-03 20:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2017-03-14 18:05 - 2017-03-03 20:19 - 00639488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-03-14 18:05 - 2017-03-03 20:18 - 00778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2017-03-14 18:05 - 2017-03-03 20:15 - 01986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-14 18:05 - 2017-03-03 20:14 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2017-03-14 18:05 - 2017-03-03 20:08 - 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2017-03-14 18:05 - 2017-03-03 20:07 - 04078080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-03-14 18:05 - 2017-03-03 20:07 - 01542656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-14 18:05 - 2017-03-03 20:07 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2017-03-14 18:05 - 2017-03-03 20:00 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-14 18:05 - 2017-03-03 19:59 - 01626112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-03-14 18:05 - 2017-03-03 19:57 - 04412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-03-14 18:05 - 2017-03-03 19:57 - 02878976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-14 18:05 - 2017-03-03 19:57 - 01708032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2017-03-14 18:05 - 2017-03-03 19:55 - 01860096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2017-03-14 18:05 - 2017-03-03 19:54 - 06296064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-03-14 18:05 - 2017-03-03 19:54 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-03-14 18:05 - 2017-03-03 19:52 - 02000896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-03-14 18:05 - 2017-03-03 19:52 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-03-14 18:05 - 2017-03-03 19:51 - 13018624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-03-14 18:05 - 2017-03-03 19:51 - 09921024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-03-14 18:05 - 2017-03-03 19:44 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-03-14 18:05 - 2017-03-03 19:41 - 04404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-03-14 18:05 - 2017-03-03 19:38 - 02519552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2017-03-14 18:05 - 2017-03-03 19:36 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-03-14 18:05 - 2017-03-03 19:35 - 05326336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-03-14 18:05 - 2017-03-03 19:35 - 02798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-03-14 18:05 - 2017-03-03 19:33 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-03-14 18:05 - 2017-03-03 19:31 - 02155008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-03-14 18:05 - 2017-03-03 19:31 - 02062336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-03-14 18:05 - 2017-03-03 19:31 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-14 18:05 - 2017-03-03 19:30 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2017-03-14 18:05 - 2017-03-03 19:29 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2017-03-14 18:05 - 2017-03-03 19:03 - 00461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-03-14 18:04 - 2017-03-04 00:01 - 00994760 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll
2017-03-14 18:04 - 2017-03-03 23:54 - 00989528 _____ (Microsoft Corporation) C:\Windows\System32\SecConfig.efi
2017-03-14 18:04 - 2017-03-03 23:27 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-03-14 18:04 - 2017-03-03 23:18 - 01554152 _____ (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2017-03-14 18:04 - 2017-03-03 23:18 - 01552104 _____ (Microsoft Corporation) C:\Windows\System32\winmde.dll
2017-03-14 18:04 - 2017-03-03 23:12 - 00808288 _____ (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
2017-03-14 18:04 - 2017-03-03 23:07 - 01040792 _____ (Microsoft Corporation) C:\Windows\System32\twinapi.appcore.dll
2017-03-14 18:04 - 2017-03-03 23:06 - 06536248 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2017-03-14 18:04 - 2017-03-03 22:00 - 00119808 _____ (Microsoft Corporation) C:\Windows\System32\UserDataTimeUtil.dll
2017-03-14 18:04 - 2017-03-03 21:59 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2017-03-14 18:04 - 2017-03-03 21:57 - 00123392 _____ (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2017-03-14 18:04 - 2017-03-03 21:41 - 02448752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2017-03-14 18:04 - 2017-03-03 21:41 - 00882208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2017-03-14 18:04 - 2017-03-03 21:40 - 00473616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2017-03-14 18:04 - 2017-03-03 21:40 - 00467440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2017-03-14 18:04 - 2017-03-03 21:37 - 00351232 _____ (Microsoft Corporation) C:\Windows\System32\NgcCtnr.dll
2017-03-14 18:04 - 2017-03-03 21:35 - 00379392 _____ (Microsoft Corporation) C:\Windows\System32\usocore.dll
2017-03-14 18:04 - 2017-03-03 21:19 - 00339968 _____ (Microsoft Corporation) C:\Windows\System32\SensorService.dll
2017-03-14 18:04 - 2017-03-03 21:15 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdole2.tlb
2017-03-14 18:04 - 2017-03-03 21:11 - 00556544 _____ (Microsoft Corporation) C:\Windows\System32\PsmServiceExtHost.dll
2017-03-14 18:04 - 2017-03-03 21:10 - 00408064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2017-03-14 18:04 - 2017-03-03 21:06 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2017-03-14 18:04 - 2017-03-03 21:06 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallButtons.dll
2017-03-14 18:04 - 2017-03-03 21:04 - 00584704 _____ (Microsoft Corporation) C:\Windows\System32\ngccredprov.dll
2017-03-14 18:04 - 2017-03-03 21:00 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2017-03-14 18:04 - 2017-03-03 20:57 - 00381952 _____ (Microsoft Corporation) C:\Windows\System32\wuuhext.dll
2017-03-14 18:04 - 2017-03-03 20:57 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\feclient.dll
2017-03-14 18:04 - 2017-03-03 20:55 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2017-03-14 18:04 - 2017-03-03 20:55 - 00286208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2017-03-14 18:04 - 2017-03-03 20:53 - 00865792 _____ (Microsoft Corporation) C:\Windows\System32\AzureSettingSyncProvider.dll
2017-03-14 18:04 - 2017-03-03 20:49 - 00229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-14 18:04 - 2017-03-03 20:49 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2017-03-14 18:04 - 2017-03-03 20:48 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apds.dll
2017-03-14 18:04 - 2017-03-03 20:46 - 00113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2017-03-14 18:04 - 2017-03-03 20:41 - 01490432 _____ (Microsoft Corporation) C:\Windows\System32\UserDataService.dll
2017-03-14 18:04 - 2017-03-03 20:26 - 01467904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-03-14 18:04 - 2017-03-03 20:23 - 02280960 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2017-03-14 18:04 - 2017-03-03 20:13 - 00246784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qwave.dll
2017-03-14 18:04 - 2017-03-03 20:05 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Proximity.dll
2017-03-14 18:04 - 2017-03-03 20:03 - 00116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rshx32.dll
2017-03-14 18:04 - 2017-03-03 20:01 - 00724480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanpref.dll
2017-03-14 18:04 - 2017-03-03 19:58 - 00871936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2017-03-14 18:04 - 2017-03-03 19:31 - 02911744 _____ (Microsoft Corporation) C:\Windows\System32\CertEnroll.dll
2017-03-14 18:04 - 2017-03-03 19:20 - 00381440 _____ (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2017-03-14 18:04 - 2017-03-03 19:19 - 01487872 _____ (Microsoft Corporation) C:\Windows\System32\SpeechPal.dll
2017-03-14 18:03 - 2017-03-04 00:13 - 01997832 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2017-03-14 18:03 - 2017-03-04 00:13 - 00800080 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2017-03-14 18:03 - 2017-03-03 23:48 - 01297760 _____ (Microsoft Corporation) C:\Windows\System32\LicenseManager.dll
2017-03-14 18:03 - 2017-03-03 23:19 - 01299504 _____ (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll
2017-03-14 18:03 - 2017-03-03 23:19 - 00586208 _____ (Microsoft Corporation) C:\Windows\System32\mf.dll
2017-03-14 18:03 - 2017-03-03 23:19 - 00498952 _____ (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll
2017-03-14 18:03 - 2017-03-03 23:18 - 02544264 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2017-03-14 18:03 - 2017-03-03 23:18 - 01152328 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2017-03-14 18:03 - 2017-03-03 23:18 - 01092464 _____ (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2017-03-14 18:03 - 2017-03-03 23:18 - 01062480 _____ (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2017-03-14 18:03 - 2017-03-03 23:18 - 01017032 _____ (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll
2017-03-14 18:03 - 2017-03-03 23:18 - 00858952 _____ (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
2017-03-14 18:03 - 2017-03-03 23:18 - 00819648 _____ (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2017-03-14 18:03 - 2017-03-03 23:08 - 22560744 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2017-03-14 18:03 - 2017-03-03 23:08 - 06605544 _____ (Microsoft Corporation) C:\Windows\System32\windows.storage.dll
2017-03-14 18:03 - 2017-03-03 22:17 - 00315232 _____ (Microsoft Corporation) C:\Windows\System32\dcntel.dll
2017-03-14 18:03 - 2017-03-03 22:17 - 00038240 _____ (Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
2017-03-14 18:03 - 2017-03-03 22:16 - 00388896 _____ (Microsoft Corporation) C:\Windows\System32\wmpps.dll
2017-03-14 18:03 - 2017-03-03 22:09 - 00089088 _____ (Microsoft Corporation) C:\Windows\System32\MapsCSP.dll
2017-03-14 18:03 - 2017-03-03 22:09 - 00084480 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2017-03-14 18:03 - 2017-03-03 22:03 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\MosHostClient.dll
2017-03-14 18:03 - 2017-03-03 22:01 - 00824320 _____ (Microsoft Corporation) C:\Windows\System32\WpcWebFilter.dll
2017-03-14 18:03 - 2017-03-03 21:59 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\stdole2.tlb
2017-03-14 18:03 - 2017-03-03 21:57 - 00059392 _____ (Microsoft Corporation) C:\Windows\System32\cdpreference.exe
2017-03-14 18:03 - 2017-03-03 21:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\mapsupdatetask.dll
2017-03-14 18:03 - 2017-03-03 21:49 - 00074240 _____ (Microsoft Corporation) C:\Windows\System32\MosStorage.dll
2017-03-14 18:03 - 2017-03-03 21:47 - 00120320 _____ (Microsoft Corporation) C:\Windows\System32\MapsBtSvc.dll
2017-03-14 18:03 - 2017-03-03 21:44 - 00192000 _____ (Microsoft Corporation) C:\Windows\System32\provisioningcsp.dll
2017-03-14 18:03 - 2017-03-03 21:41 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\moshost.dll
2017-03-14 18:03 - 2017-03-03 21:34 - 00270848 _____ (Microsoft Corporation) C:\Windows\System32\moshostcore.dll
2017-03-14 18:03 - 2017-03-03 21:33 - 00206848 _____ (Microsoft Corporation) C:\Windows\System32\LegacyNetUXHost.exe
2017-03-14 18:03 - 2017-03-03 21:31 - 00185856 _____ C:\Windows\System32\ism32k.dll
2017-03-14 18:03 - 2017-03-03 21:29 - 00248320 _____ (Microsoft Corporation) C:\Windows\System32\icm32.dll
2017-03-14 18:03 - 2017-03-03 21:29 - 00216064 _____ (Microsoft Corporation) C:\Windows\System32\P2P.dll
2017-03-14 18:03 - 2017-03-03 21:27 - 00531968 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2017-03-14 18:03 - 2017-03-03 21:25 - 00567808 _____ (Microsoft Corporation) C:\Windows\System32\MBMediaManager.dll
2017-03-14 18:03 - 2017-03-03 21:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\provengine.dll
2017-03-14 18:03 - 2017-03-03 21:25 - 00287232 _____ (Microsoft Corporation) C:\Windows\System32\provhandlers.dll
2017-03-14 18:03 - 2017-03-03 21:23 - 00463872 _____ (Microsoft Corporation) C:\Windows\System32\wlansec.dll
2017-03-14 18:03 - 2017-03-03 21:22 - 00450048 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Bluetooth.dll
2017-03-14 18:03 - 2017-03-03 21:20 - 00460800 _____ (Microsoft Corporation) C:\Windows\System32\MapConfiguration.dll
2017-03-14 18:03 - 2017-03-03 21:19 - 00510464 _____ (Microsoft Corporation) C:\Windows\System32\WlanMediaManager.dll
2017-03-14 18:03 - 2017-03-03 21:19 - 00458752 _____ (Microsoft Corporation) C:\Windows\System32\PlayToDevice.dll
2017-03-14 18:03 - 2017-03-03 21:19 - 00287744 _____ (Microsoft Corporation) C:\Windows\System32\cdpsvc.dll
2017-03-14 18:03 - 2017-03-03 21:17 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-03-14 18:03 - 2017-03-03 21:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2017-03-14 18:03 - 2017-03-03 21:16 - 00619520 _____ (Microsoft Corporation) C:\Windows\System32\efswrt.dll
2017-03-14 18:03 - 2017-03-03 21:16 - 00318464 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Cortana.OneCore.dll
2017-03-14 18:03 - 2017-03-03 21:15 - 00695296 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdiWiFi.sys
2017-03-14 18:03 - 2017-03-03 21:13 - 00330240 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-14 18:03 - 2017-03-03 21:11 - 00359936 _____ (Microsoft Corporation) C:\Windows\System32\SensorsApi.dll
2017-03-14 18:03 - 2017-03-03 21:09 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.Web.Core.dll
2017-03-14 18:03 - 2017-03-03 21:09 - 00351232 _____ (Microsoft Corporation) C:\Windows\System32\pnrpsvc.dll
2017-03-14 18:03 - 2017-03-03 21:08 - 01056256 _____ (Microsoft Corporation) C:\Windows\System32\JpMapControl.dll
2017-03-14 18:03 - 2017-03-03 21:08 - 00941568 _____ (Microsoft Corporation) C:\Windows\System32\MiracastReceiver.dll
2017-03-14 18:03 - 2017-03-03 21:08 - 00852992 _____ (Microsoft Corporation) C:\Windows\System32\MapsStore.dll
2017-03-14 18:03 - 2017-03-03 21:08 - 00674304 _____ (Microsoft Corporation) C:\Windows\System32\mbsmsapi.dll
2017-03-14 18:03 - 2017-03-03 21:05 - 00538112 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Cortana.Desktop.dll
2017-03-14 18:03 - 2017-03-03 21:04 - 00697856 _____ (Microsoft Corporation) C:\Windows\System32\PlayToManager.dll
2017-03-14 18:03 - 2017-03-03 21:03 - 01001472 _____ (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2017-03-14 18:03 - 2017-03-03 21:03 - 00988160 _____ (Microsoft Corporation) C:\Windows\System32\NMAA.dll
2017-03-14 18:03 - 2017-03-03 21:02 - 00939520 _____ (Microsoft Corporation) C:\Windows\System32\MapControlCore.dll
2017-03-14 18:03 - 2017-03-03 21:02 - 00817152 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Search.dll
2017-03-14 18:03 - 2017-03-03 21:00 - 00853504 _____ (Microsoft Corporation) C:\Windows\System32\aadtb.dll
2017-03-14 18:03 - 2017-03-03 21:00 - 00842240 _____ (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2017-03-14 18:03 - 2017-03-03 20:53 - 02624512 _____ (Microsoft Corporation) C:\Windows\System32\InputService.dll
2017-03-14 18:03 - 2017-03-03 20:49 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2017-03-14 18:03 - 2017-03-03 20:41 - 00286720 _____ (Microsoft Corporation) C:\Windows\System32\qwave.dll
2017-03-14 18:03 - 2017-03-03 20:35 - 00286720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-03-14 18:03 - 2017-03-03 20:33 - 01534464 _____ (Microsoft Corporation) C:\Windows\System32\LocationFramework.dll
2017-03-14 18:03 - 2017-03-03 20:32 - 05123072 _____ (Microsoft Corporation) C:\Windows\System32\dbgeng.dll
2017-03-14 18:03 - 2017-03-03 20:30 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-14 18:03 - 2017-03-03 20:25 - 00783360 _____ (Microsoft Corporation) C:\Windows\System32\wlanpref.dll
2017-03-14 18:03 - 2017-03-03 20:24 - 00931328 _____ (Microsoft Corporation) C:\Windows\System32\MSMPEG2ENC.DLL
2017-03-14 18:03 - 2017-03-03 20:18 - 07977984 _____ (Microsoft Corporation) C:\Windows\System32\mos.dll
2017-03-14 18:03 - 2017-03-03 20:00 - 07200256 _____ (Microsoft Corporation) C:\Windows\System32\BingMaps.dll
2017-03-14 18:03 - 2017-03-03 19:59 - 00882688 _____ (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2017-03-14 18:03 - 2017-03-03 19:52 - 00957952 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2017-03-14 18:03 - 2017-03-03 19:39 - 18672128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-03-14 18:03 - 2017-03-03 19:36 - 03428352 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.dll
2017-03-14 18:03 - 2017-03-03 19:36 - 01385472 _____ (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2017-03-14 18:03 - 2017-03-03 19:34 - 02582016 _____ (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2017-03-14 18:03 - 2017-03-03 19:28 - 14258688 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2017-03-14 18:03 - 2017-03-03 19:26 - 12590080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-03-14 18:02 - 2017-03-04 00:13 - 07467872 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2017-03-14 18:02 - 2017-03-04 00:13 - 01098648 _____ (Microsoft Corporation) C:\Windows\System32\MrmCoreR.dll
2017-03-14 18:02 - 2017-03-04 00:12 - 02656952 _____ C:\Windows\System32\CoreUIComponents.dll
2017-03-14 18:02 - 2017-03-04 00:09 - 00610632 _____ (Microsoft Corporation) C:\Windows\System32\ci.dll
2017-03-14 18:02 - 2017-03-04 00:04 - 00687496 _____ (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2017-03-14 18:02 - 2017-03-03 23:56 - 01637216 _____ (Microsoft Corporation) C:\Windows\System32\diagtrack.dll
2017-03-14 18:02 - 2017-03-03 23:49 - 03449168 _____ (Microsoft Corporation) C:\Windows\System32\WSService.dll
2017-03-14 18:02 - 2017-03-03 23:20 - 00118112 _____ (Microsoft Corporation) C:\Windows\System32\icfupgd.dll
2017-03-14 18:02 - 2017-03-03 23:12 - 03695152 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2017-03-14 18:02 - 2017-03-03 23:12 - 02607336 _____ (Microsoft Corporation) C:\Windows\System32\combase.dll
2017-03-14 18:02 - 2017-03-03 22:29 - 00216416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2017-03-14 18:02 - 2017-03-03 22:27 - 00431456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2017-03-14 18:02 - 2017-03-03 22:24 - 00420704 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2017-03-14 18:02 - 2017-03-03 22:16 - 02831488 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2017-03-14 18:02 - 2017-03-03 22:16 - 01062992 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2adec.dll
2017-03-14 18:02 - 2017-03-03 22:15 - 00549088 _____ (Microsoft Corporation) C:\Windows\System32\MSAudDecMFT.dll
2017-03-14 18:02 - 2017-03-03 22:15 - 00521192 _____ (Microsoft Corporation) C:\Windows\System32\DolbyDecMFT.dll
2017-03-14 18:02 - 2017-03-03 21:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\odbcconf.dll
2017-03-14 18:02 - 2017-03-03 21:58 - 00078848 _____ (Microsoft Corporation) C:\Windows\System32\LocationFrameworkInternalPS.dll
2017-03-14 18:02 - 2017-03-03 21:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\samlib.dll
2017-03-14 18:02 - 2017-03-03 21:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2017-03-14 18:02 - 2017-03-03 21:42 - 00045056 _____ (Microsoft Corporation) C:\Windows\System32\sscore.dll
2017-03-14 18:02 - 2017-03-03 21:39 - 00297472 _____ (Microsoft Corporation) C:\Windows\System32\unimdm.tsp
2017-03-14 18:02 - 2017-03-03 21:39 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\TabbtnEx.dll
2017-03-14 18:02 - 2017-03-03 21:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2017-03-14 18:02 - 2017-03-03 21:28 - 00267264 _____ (Microsoft Corporation) C:\Windows\System32\apds.dll
2017-03-14 18:02 - 2017-03-03 21:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2017-03-14 18:02 - 2017-03-03 21:26 - 00285184 _____ (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2017-03-14 18:02 - 2017-03-03 21:26 - 00128000 _____ (Microsoft Corporation) C:\Windows\System32\setupugc.exe
2017-03-14 18:02 - 2017-03-03 21:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\PhoneService.dll
2017-03-14 18:02 - 2017-03-03 21:10 - 00509440 _____ (Microsoft Corporation) C:\Windows\System32\energy.dll
2017-03-14 18:02 - 2017-03-03 21:08 - 00821760 _____ (Microsoft Corporation) C:\Windows\System32\MrmIndexer.dll
2017-03-14 18:02 - 2017-03-03 21:08 - 00472064 _____ (Microsoft Corporation) C:\Windows\System32\Geolocation.dll
2017-03-14 18:02 - 2017-03-03 21:08 - 00183808 _____ (Microsoft Corporation) C:\Windows\System32\WSSync.dll
2017-03-14 18:02 - 2017-03-03 21:05 - 00784896 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2017-03-14 18:02 - 2017-03-03 21:05 - 00602624 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2017-03-14 18:02 - 2017-03-03 21:03 - 02127360 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2017-03-14 18:02 - 2017-03-03 21:03 - 00297472 _____ (Microsoft Corporation) C:\Windows\System32\thumbcache.dll
2017-03-14 18:02 - 2017-03-03 21:00 - 01239552 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.Bluetooth.dll
2017-03-14 18:02 - 2017-03-03 21:00 - 00529920 _____ (Microsoft Corporation) C:\Windows\System32\LogonController.dll
2017-03-14 18:02 - 2017-03-03 20:59 - 01900544 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2017-03-14 18:02 - 2017-03-03 20:59 - 01847808 _____ (Microsoft Corporation) C:\Windows\System32\WMPDMC.exe
2017-03-14 18:02 - 2017-03-03 20:59 - 01213440 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2017-03-14 18:02 - 2017-03-03 20:58 - 01752576 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2017-03-14 18:02 - 2017-03-03 20:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\SettingMonitor.dll
2017-03-14 18:02 - 2017-03-03 20:57 - 01040896 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2017-03-14 18:02 - 2017-03-03 20:56 - 01648128 _____ (Microsoft Corporation) C:\Windows\System32\comsvcs.dll
2017-03-14 18:02 - 2017-03-03 20:56 - 00961536 _____ (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2017-03-14 18:02 - 2017-03-03 20:55 - 01319424 _____ (Microsoft Corporation) C:\Windows\System32\wifinetworkmanager.dll
2017-03-14 18:02 - 2017-03-03 20:54 - 00549888 _____ (Microsoft Corporation) C:\Windows\System32\SearchFolder.dll
2017-03-14 18:02 - 2017-03-03 20:54 - 00148992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2017-03-14 18:02 - 2017-03-03 20:50 - 02054144 _____ (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll
2017-03-14 18:02 - 2017-03-03 20:49 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-14 18:02 - 2017-03-03 20:48 - 00821760 _____ (Microsoft Corporation) C:\Windows\System32\TokenBroker.dll
2017-03-14 18:02 - 2017-03-03 20:46 - 00283136 _____ (Microsoft Corporation) C:\Windows\System32\srvsvc.dll
2017-03-14 18:02 - 2017-03-03 20:46 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinFax.dll
2017-03-14 18:02 - 2017-03-03 20:42 - 02436096 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2017-03-14 18:02 - 2017-03-03 20:31 - 00613376 _____ (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2017-03-14 18:02 - 2017-03-03 20:29 - 02050048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-14 18:02 - 2017-03-03 20:25 - 01526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-14 18:02 - 2017-03-03 20:24 - 01946112 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2017-03-14 18:02 - 2017-03-03 20:24 - 01729024 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2017-03-14 18:02 - 2017-03-03 20:24 - 01097728 _____ (Microsoft Corporation) C:\Windows\System32\dosvc.dll
2017-03-14 18:02 - 2017-03-03 20:22 - 00995328 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-14 18:02 - 2017-03-03 20:19 - 03404800 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2017-03-14 18:02 - 2017-03-03 20:13 - 02843136 _____ (Microsoft Corporation) C:\Windows\System32\cdp.dll
2017-03-14 18:02 - 2017-03-03 20:11 - 02444800 _____ (Microsoft Corporation) C:\Windows\System32\twinui.appcore.dll
2017-03-14 18:02 - 2017-03-03 20:10 - 00274432 _____ (Microsoft Corporation) C:\Windows\System32\wkssvc.dll
2017-03-14 18:02 - 2017-03-03 20:04 - 00733184 _____ (Microsoft Corporation) C:\Windows\System32\rasapi32.dll
2017-03-14 18:02 - 2017-03-03 20:03 - 00168448 _____ (Microsoft Corporation) C:\Windows\System32\Tabbtn.dll
2017-03-14 18:02 - 2017-03-03 19:58 - 01388032 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2017-03-14 18:02 - 2017-03-03 19:55 - 00856576 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2017-03-14 18:02 - 2017-03-03 19:50 - 16984576 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2017-03-14 18:02 - 2017-03-03 19:48 - 04895744 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2017-03-14 18:02 - 2017-03-03 19:43 - 22375424 _____ (Microsoft Corporation) C:\Windows\System32\edgehtml.dll
2017-03-14 18:02 - 2017-03-03 19:37 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-14 18:02 - 2017-03-03 19:36 - 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-14 18:02 - 2017-03-03 19:36 - 12134912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-14 18:02 - 2017-03-03 19:34 - 06312448 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Search.dll
2017-03-14 18:02 - 2017-03-03 19:33 - 24603136 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2017-03-14 18:02 - 2017-03-03 19:31 - 13392384 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2017-03-14 18:02 - 2017-03-03 19:21 - 05671424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-03-14 18:02 - 2017-03-03 19:19 - 07855616 _____ (Microsoft Corporation) C:\Windows\System32\Chakra.dll
2017-03-14 18:02 - 2017-01-23 18:22 - 00447095 _____ C:\Windows\System32\ApnDatabase.xml
2017-03-14 18:01 - 2017-03-04 00:10 - 00754664 _____ (Microsoft Corporation) C:\Windows\System32\CoreMessaging.dll
2017-03-14 18:01 - 2017-03-03 23:09 - 00730352 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Shell.Broker.dll
2017-03-14 18:01 - 2017-03-03 23:08 - 04516800 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-03-14 18:01 - 2017-03-03 23:08 - 00725776 _____ (Microsoft Corporation) C:\Windows\System32\SHCore.dll
2017-03-14 18:01 - 2017-03-03 23:08 - 00566112 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
2017-03-14 18:01 - 2017-03-03 23:07 - 01540224 _____ (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2017-03-14 18:01 - 2017-03-03 23:06 - 00742192 _____ (Microsoft Corporation) C:\Windows\System32\EditionUpgradeManagerObj.dll
2017-03-14 18:01 - 2017-03-03 23:06 - 00692136 _____ (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2017-03-14 18:01 - 2017-03-03 23:04 - 01128104 _____ (Microsoft Corporation) C:\Windows\System32\ClipUp.exe
2017-03-14 18:01 - 2017-03-03 23:04 - 00625000 _____ (Microsoft Corporation) C:\Windows\System32\ClipSVC.dll
2017-03-14 18:01 - 2017-03-03 23:03 - 00341944 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2017-03-14 18:01 - 2017-03-03 22:32 - 02773096 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2017-03-14 18:01 - 2017-03-03 22:32 - 01987424 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2017-03-14 18:01 - 2017-03-03 22:31 - 01594416 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2017-03-14 18:01 - 2017-03-03 22:17 - 01617760 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2017-03-14 18:01 - 2017-03-03 22:17 - 01294688 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2017-03-14 18:01 - 2017-03-03 22:17 - 00655200 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2017-03-14 18:01 - 2017-03-03 22:17 - 00565088 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2017-03-14 18:01 - 2017-03-03 22:17 - 00343904 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2017-03-14 18:01 - 2017-03-03 22:17 - 00242528 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll
2017-03-14 18:01 - 2017-03-03 22:17 - 00142176 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2017-03-14 18:01 - 2017-03-03 22:17 - 00086368 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2017-03-14 18:01 - 2017-03-03 21:50 - 00584704 _____ (Microsoft Corporation) C:\Windows\System32\UIRibbonRes.dll
2017-03-14 18:01 - 2017-03-03 21:40 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\AppCapture.dll
2017-03-14 18:01 - 2017-03-03 21:38 - 00285184 _____ (Microsoft Corporation) C:\Windows\System32\oemlicense.dll
 
2017-03-14 18:01 - 2017-03-03 21:36 - 00356352 _____ (Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
2017-03-14 18:01 - 2017-03-03 21:31 - 00110080 _____ (Microsoft Corporation) C:\Windows\System32\IdCtrls.dll
2017-03-14 18:01 - 2017-03-03 21:28 - 00198144 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2017-03-14 18:01 - 2017-03-03 21:28 - 00192000 _____ (Microsoft Corporation) C:\Windows\System32\certprop.dll
2017-03-14 18:01 - 2017-03-03 21:26 - 00642048 _____ (Microsoft Corporation) C:\Windows\System32\enterprisecsps.dll
2017-03-14 18:01 - 2017-03-03 21:26 - 00381952 _____ (Microsoft Corporation) C:\Windows\System32\apprepsync.dll
2017-03-14 18:01 - 2017-03-03 21:25 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\WinFax.dll
2017-03-14 18:01 - 2017-03-03 21:24 - 00431104 _____ (Microsoft Corporation) C:\Windows\System32\bcastdvr.exe
2017-03-14 18:01 - 2017-03-03 21:24 - 00287744 _____ (Microsoft Corporation) C:\Windows\System32\apprepapi.dll
2017-03-14 18:01 - 2017-03-03 21:22 - 00342016 _____ (Microsoft Corporation) C:\Windows\System32\APHostService.dll
2017-03-14 18:01 - 2017-03-03 21:21 - 00685568 _____ (Microsoft Corporation) C:\Windows\System32\scapi.dll
2017-03-14 18:01 - 2017-03-03 21:21 - 00370688 _____ (Microsoft Corporation) C:\Windows\System32\diagtrack_win.dll
2017-03-14 18:01 - 2017-03-03 21:20 - 00715264 _____ (Microsoft Corporation) C:\Windows\System32\GamePanel.exe
2017-03-14 18:01 - 2017-03-03 21:16 - 00305152 _____ (Microsoft Corporation) C:\Windows\System32\edputil.dll
2017-03-14 18:01 - 2017-03-03 21:15 - 00630784 _____ (Microsoft Corporation) C:\Windows\System32\MessagingDataModel2.dll
2017-03-14 18:01 - 2017-03-03 21:14 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\RDXTaskFactory.dll
2017-03-14 18:01 - 2017-03-03 21:13 - 00602112 _____ (Microsoft Corporation) C:\Windows\System32\cryptui.dll
2017-03-14 18:01 - 2017-03-03 21:11 - 00492544 _____ (Microsoft Corporation) C:\Windows\System32\SystemSettings.UserAccountsHandlers.dll
2017-03-14 18:01 - 2017-03-03 21:09 - 00791552 _____ (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2017-03-14 18:01 - 2017-03-03 21:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2017-03-14 18:01 - 2017-03-03 21:07 - 00915456 _____ (Microsoft Corporation) C:\Windows\System32\configurationclient.dll
2017-03-14 18:01 - 2017-03-03 21:07 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-03-14 18:01 - 2017-03-03 21:07 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\AppReadiness.dll
2017-03-14 18:01 - 2017-03-03 21:07 - 00480768 _____ (Microsoft Corporation) C:\Windows\System32\LockAppBroker.dll
2017-03-14 18:01 - 2017-03-03 21:06 - 02125312 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_Bluetooth.dll
2017-03-14 18:01 - 2017-03-03 21:05 - 00515072 _____ (Microsoft Corporation) C:\Windows\System32\OneDriveSettingSyncProvider.dll
2017-03-14 18:01 - 2017-03-03 21:03 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\appwiz.cpl
2017-03-14 18:01 - 2017-03-03 21:02 - 01387008 _____ (Microsoft Corporation) C:\Windows\System32\win32kbase.sys
2017-03-14 18:01 - 2017-03-03 21:02 - 01159168 _____ (Microsoft Corporation) C:\Windows\System32\ApplicationFrame.dll
2017-03-14 18:01 - 2017-03-03 21:02 - 01054208 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2017-03-14 18:01 - 2017-03-03 21:02 - 00990208 _____ (Microsoft Corporation) C:\Windows\System32\SharedStartModel.dll
2017-03-14 18:01 - 2017-03-03 21:02 - 00870400 _____ (Microsoft Corporation) C:\Windows\System32\modernexecserver.dll
2017-03-14 18:01 - 2017-03-03 21:02 - 00585216 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2017-03-14 18:01 - 2017-03-03 20:58 - 01575936 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Speech.dll
2017-03-14 18:01 - 2017-03-03 20:57 - 02731008 _____ (Microsoft Corporation) C:\Windows\System32\gameux.dll
2017-03-14 18:01 - 2017-03-03 20:55 - 01661952 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2017-03-14 18:01 - 2017-03-03 20:53 - 04456448 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_47.dll
2017-03-14 18:01 - 2017-03-03 20:53 - 01073152 _____ (Microsoft Corporation) C:\Windows\System32\RDXService.dll
2017-03-14 18:01 - 2017-03-03 20:52 - 00236032 _____ (Microsoft Corporation) C:\Windows\System32\licensingdiag.exe
2017-03-14 18:01 - 2017-03-03 20:47 - 01062912 _____ (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2017-03-14 18:01 - 2017-03-03 20:47 - 01052160 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.dll
2017-03-14 18:01 - 2017-03-03 20:41 - 00701952 _____ (Microsoft Corporation) C:\Windows\System32\twinapi.dll
2017-03-14 18:01 - 2017-03-03 20:39 - 01297408 _____ (Microsoft Corporation) C:\Windows\System32\SensorDataService.exe
2017-03-14 18:01 - 2017-03-03 20:35 - 03586560 _____ (Microsoft Corporation) C:\Windows\System32\win32kfull.sys
2017-03-14 18:01 - 2017-03-03 20:34 - 02610176 _____ (Microsoft Corporation) C:\Windows\System32\NetworkMobileSettings.dll
2017-03-14 18:01 - 2017-03-03 20:31 - 01674240 _____ (Microsoft Corporation) C:\Windows\System32\quartz.dll
2017-03-14 18:01 - 2017-03-03 20:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\dmenrollengine.dll
2017-03-14 18:01 - 2017-03-03 20:24 - 02067968 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2017-03-14 18:01 - 2017-03-03 20:20 - 02175488 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2017-03-14 18:01 - 2017-03-03 20:19 - 01997824 _____ (Microsoft Corporation) C:\Windows\System32\ActiveSyncProvider.dll
2017-03-14 18:01 - 2017-03-03 20:18 - 04826624 _____ (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2017-03-14 18:01 - 2017-03-03 20:12 - 02635776 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Logon.dll
2017-03-14 18:01 - 2017-03-03 20:08 - 03585536 _____ (Microsoft Corporation) C:\Windows\System32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-14 18:01 - 2017-03-03 20:08 - 00984576 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncCore.dll
2017-03-14 18:01 - 2017-03-03 20:03 - 01390080 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Shell.dll
2017-03-14 18:01 - 2017-03-03 19:56 - 02563584 _____ (Microsoft Corporation) C:\Windows\System32\themecpl.dll
2017-03-14 18:01 - 2017-03-03 19:52 - 01797120 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2017-03-14 18:01 - 2017-03-03 19:43 - 00459776 _____ (Microsoft Corporation) C:\Windows\System32\certcli.dll
2017-03-14 18:01 - 2017-03-03 19:42 - 00651776 _____ (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
2017-03-14 18:01 - 2017-03-03 19:41 - 11545600 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2017-03-14 18:01 - 2017-03-03 19:35 - 02352128 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2017-03-14 18:01 - 2017-03-03 19:34 - 00636928 _____ (Microsoft Corporation) C:\Windows\System32\hgcpl.dll
2017-03-14 18:01 - 2017-03-03 19:31 - 06976512 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Pdf.dll
2017-03-14 18:01 - 2017-03-03 19:31 - 03994112 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_nt.dll
2017-03-14 18:00 - 2017-03-04 00:15 - 01030416 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2017-03-14 18:00 - 2017-03-04 00:15 - 00875480 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2017-03-14 18:00 - 2017-03-03 23:55 - 01038176 _____ (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2017-03-14 18:00 - 2017-03-03 23:09 - 00230752 _____ (Microsoft Corporation) C:\Windows\System32\CloudExperienceHost.dll
2017-03-14 18:00 - 2017-03-03 21:49 - 00079872 _____ (Microsoft Corporation) C:\Windows\System32\NcdAutoSetup.dll
2017-03-14 18:00 - 2017-03-03 21:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2017-03-14 18:00 - 2017-03-03 21:38 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\feclient.dll
2017-03-14 18:00 - 2017-03-03 21:29 - 00236544 _____ (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2017-03-14 18:00 - 2017-03-03 20:58 - 01717760 _____ (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2017-03-14 18:00 - 2017-03-03 20:31 - 01755648 _____ (Microsoft Corporation) C:\Windows\System32\dui70.dll
2017-03-14 18:00 - 2017-03-03 20:30 - 00364544 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Proximity.dll
2017-03-14 18:00 - 2017-03-03 20:27 - 00342528 _____ (Microsoft Corporation) C:\Windows\System32\configmanager2.dll
2017-03-14 18:00 - 2017-03-03 20:27 - 00126976 _____ (Microsoft Corporation) C:\Windows\System32\rshx32.dll
2017-03-14 18:00 - 2017-03-03 20:08 - 00151040 _____ (Microsoft Corporation) C:\Windows\System32\TabSvc.dll
2017-03-14 18:00 - 2017-03-03 19:13 - 01087488 _____ (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2017-03-13 18:00 - 2017-03-13 18:00 - 00002291 _____ C:\Users\User\Desktop\FarmVille 2.lnk
2017-03-11 08:35 - 2017-03-11 08:35 - 00001279 _____ C:\Users\User\Desktop\Facebook Gameroom.lnk
2017-03-11 08:35 - 2017-03-11 08:35 - 00000000 ____D C:\Users\User\AppData\Local\CEF
2017-03-11 08:32 - 2017-03-11 08:33 - 00252104 _____ (Facebook) C:\Users\User\Downloads\FacebookGameroom (1).exe
2017-03-11 08:32 - 2017-03-11 08:32 - 00252104 _____ (Facebook) C:\Users\User\Downloads\FacebookGameroom.exe
2017-03-08 12:19 - 2017-03-08 12:19 - 00002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-08 12:17 - 2017-03-08 12:18 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-08 12:17 - 2017-03-08 12:17 - 00003416 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-08 12:17 - 2017-03-08 12:17 - 00003292 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-08 12:16 - 2017-03-08 12:16 - 01129376 _____ (Google Inc.) C:\Users\User\Downloads\ChromeSetup (1).exe
2017-02-25 04:27 - 2017-03-21 04:43 - 00000000 ___DC C:\Windows\Panther

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-21 10:03 - 2016-11-22 14:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-21 10:03 - 2015-11-30 18:07 - 00261416 _____ C:\Windows\System32\FNTCACHE.DAT
2017-03-21 04:55 - 2016-07-15 22:04 - 00131072 _____ C:\Windows\System32\config\BBI
2017-03-21 04:55 - 2015-11-30 18:32 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-21 04:50 - 2015-10-29 23:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-03-21 04:50 - 2015-10-29 23:24 - 00000000 ___RD C:\Windows\DevicesFlow
2017-03-21 04:50 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\System32\WinBioPlugIns
2017-03-21 04:50 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\System32\oobe
2017-03-21 04:50 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\System32\appraiser
2017-03-21 04:50 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\Provisioning
2017-03-21 04:50 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-21 04:50 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files\Windows Defender
2017-03-21 04:50 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-21 04:50 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-21 04:50 - 2015-10-29 23:21 - 00000000 ____D C:\Windows\INF
2017-03-21 04:50 - 2015-10-29 22:28 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-03-21 04:41 - 2015-10-29 22:28 - 00032768 ___SH C:\Windows\System32\config\ELAM
2017-03-21 04:32 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\Registration
2017-03-21 04:31 - 2015-11-30 17:34 - 00027594 _____ C:\Windows\diagerr.xml
2017-03-21 04:31 - 2015-11-30 17:34 - 00026673 _____ C:\Windows\diagwrn.xml
2017-03-21 03:20 - 2012-01-12 04:19 - 00000322 _____ C:\Windows\Tasks\GlaryInitialize.job
2017-03-21 03:07 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\AppReadiness
2017-03-21 03:07 - 2014-12-03 00:27 - 00004148 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{43B7D90F-E22D-4A06-8360-C9EB39BD6607}
2017-03-20 16:57 - 2015-08-06 13:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-20 16:57 - 2014-11-02 08:47 - 00002899 _____ C:\Windows\wininit.ini
2017-03-18 05:11 - 2015-10-29 23:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-15 09:51 - 2015-10-29 23:11 - 00000000 ____D C:\Windows\CbsTemp
2017-03-15 09:44 - 2013-08-16 01:59 - 00000000 ____D C:\Windows\System32\MRT
2017-03-15 09:40 - 2010-03-31 16:52 - 138634176 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2017-03-14 21:19 - 2016-11-24 16:18 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2017-03-14 19:21 - 2015-11-30 18:15 - 01009692 _____ C:\Windows\System32\PerfStringBackup.INI
2017-03-14 19:10 - 2016-10-02 05:18 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2017-03-14 19:06 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\System32\Macromed
2017-03-14 19:06 - 2012-07-04 15:21 - 00004374 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 19:05 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 19:02 - 2010-03-31 16:42 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2017-03-14 19:01 - 2015-02-11 14:26 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2017-03-14 18:34 - 2012-01-12 04:21 - 00000000 ____D C:\Users\User\AppData\Roaming\GlarySoft
2017-03-14 18:18 - 2014-08-13 20:27 - 00192216 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2017-03-14 18:11 - 2016-10-02 05:19 - 00003378 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2017-03-14 18:11 - 2016-10-02 05:19 - 00003024 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2017-03-14 18:11 - 2016-10-02 05:19 - 00001153 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2017-03-09 20:42 - 2015-10-29 23:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-09 20:42 - 2015-10-29 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-08 12:37 - 2010-07-22 14:04 - 00000000 ____D C:\Users\User\AppData\Local\Google
2017-02-25 10:44 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\SysWOW64\IME
2017-02-25 10:44 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\System32\NDF
2017-02-25 10:44 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\System32\IME
2017-02-25 10:44 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\schemas
2017-02-25 10:44 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-25 10:44 - 2015-01-05 17:01 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2017-02-25 10:44 - 2011-03-10 05:15 - 00000000 ____D C:\Windows\System32\SPReview
2017-02-25 10:44 - 2011-03-10 05:14 - 00000000 ____D C:\Windows\System32\EventProviders
2017-02-25 10:44 - 2010-02-12 03:25 - 00000000 ____D C:\Windows\SysWOW64\x64
2017-02-25 10:44 - 2010-02-12 03:25 - 00000000 ____D C:\Windows\SysWOW64\Lang
2017-02-25 10:44 - 2009-09-18 23:44 - 00000000 ____D C:\Windows\SysWOW64\oem
2017-02-25 10:43 - 2015-10-29 23:24 - 00000000 ___SD C:\Windows\Downloaded Program Files
2017-02-25 10:43 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\IME
2017-02-25 10:43 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 10:43 - 2012-04-23 15:55 - 00000000 ____D C:\Windows\en

==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe
[2017-03-14 18:01] - [2017-03-03 21:02] - 0585216 ____A (Microsoft Corporation) 046C8307CFB02D0D21CDDBCE5A3C4E3F

C:\Windows\System32\wininit.exe
[2016-05-10 12:48] - [2016-04-22 21:06] - 0291360 ____A (Microsoft Corporation) C1C81AAF533552B3C4D9F11A5FF97700

C:\Windows\explorer.exe
[2017-03-14 18:01] - [2017-03-03 23:08] - 4516800 ____A (Microsoft Corporation) FBE9252AEC157F10485A88E3EF77F9C4

C:\Windows\SysWOW64\explorer.exe
[2017-03-14 18:05] - [2017-03-03 22:29] - 4075184 ____A (Microsoft Corporation) 393A499D11E159E44C276D320B306990

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2016-12-13 20:00] - [2016-11-22 02:02] - 1399216 ____A (Microsoft Corporation) EB29608D1405D016617EFEBD5B03C0F2

C:\Windows\SysWOW64\User32.dll
[2016-12-13 20:01] - [2016-11-22 00:47] - 1337240 ____A (Microsoft Corporation) EC1C204E1798C1139BA2913618B99D5D

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2016-09-14 17:23] - [2016-09-06 20:30] - 0904704 ____A (Microsoft Corporation) 68E07DF3E6D1DFED440B82D3D33542B1

C:\Windows\System32\dnsapi.dll
[2017-03-14 18:02] - [2017-03-04 00:04] - 0687496 ____A (Microsoft Corporation) 8427BC27A16470C163C050E094DA80AF

C:\Windows\SysWOW64\dnsapi.dll
[2017-03-14 18:05] - [2017-03-03 23:29] - 0535088 ____A (Microsoft Corporation) 7B120B1C8F4951E119E8FB453F9410DD

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============


==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 19%
Total physical RAM: 4024.92 MB
Available physical RAM: 3257.15 MB
Total Virtual: 4024.92 MB
Available Virtual: 3296.81 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:452.97 GB) (Free:411.31 GB) NTFS
Drive e: (PQSERVICE) (Fixed) (Total:12.7 GB) (Free:1.59 GB) NTFS
Drive g: (CHNTPW 0808) (Removable) (Total:29.98 GB) (Free:29.98 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 1E341E34)
Partition 1: (Not Active) - (Size=12.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 0B6DDB39)
Partition 1: (Active) - (Size=30 GB) - (Type=0C)

LastRegBack: 2017-03-15 09:39

==================== End of FRST.txt ============================
 
Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7/8/10: Now please enter System Recovery Options.
On Windows XP: Now please boot into the OTLPE CD.
Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

See if you can boot normally
 

Attachments

  • fixlist.txt
    493 bytes · Views: 1
This topic is marked as abandoned and closed due to inactivity.

This member will NOT be eligible to receive any more help in malware removal forum.
 
Status
Not open for further replies.

Similar threads

A
India to build a 10,000 GPU supercomputer for self-sufficient AI development
Replies
6
Views
237
erickmendes
erickmendes
D
Samsung's new entry-level 5G phone has a 6,000mAh battery, offers 4 years of OS updates
Replies
15
Views
265
GeforcerFX
GeforcerFX
D
WhatsApp and Messenger will become interoperable with third-party apps using the Signal...
Replies
0
Views
141
DragonSlayer101
D

Latest posts

Back