Solved Virus Help Needed Please

RachaelA

TS Rookie
Thank you for taking the time to help me. My sister and brother-in-law gave me their computer and said they hadn't used it in a long time because there were viruses. Before coming to this forum, I attempted to fix it myself. I don't think what I did worked. I came here and read what to do. Below please find the file logs requested. Thank you again for your assistance.
 

RachaelA

TS Rookie
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by jsmor_000 (administrator) on HOME-PC (23-01-2019 08:30:03)
Running from C:\Users\jsmor_000\Desktop
Loaded Profiles: Home & jsmor_000 (Available Profiles: Home & jsmor_000)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
() C:\Program Files\pcmax\pcmax.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6160928 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [HP Quick Launch] => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-12] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-11-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-16] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-02-22] (Hewlett-Packard Company)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySqlNotifier.exe [762368 2013-07-05] (Oracle Corporation)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [Steam] => "C:\Program Files (x86)\PIE\Steam\steam.exe" -silent
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [Dropbox Update] => C:\Users\Home\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\MountPoints2: {d4113098-27de-11e4-beae-c80aa98b123f} - "G:\VZW_Software_upgrade_assistant.exe"
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\WINDOWS\SysWOW64\l3codecp.acm [183808 2013-08-21] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [VIDC.FFDS] => ff_vfw.dll
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\Custom64\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-16] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2017-11-01] (Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
IFEO\dropbox.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2019-01-23]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-16]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2014-06-06]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\jsmor_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{204A0868-B3D7-4DE8-89AF-F9A9003EEA91}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4A227A8D-58DE-4BC7-921D-CAC25201CFE1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AB6F3422-4053-469D-A1A2-576CF81A42F2}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C96D715B-E051-44D5-9E78-456F2542A360}: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{D0CFED1C-7C39-402C-959F-C4557795326C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-3873563209-1122956-651633644-1007\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3873563209-1122956-651633644-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {2CBA769A-317D-4FC5-A2EF-D226DD33326B} URL =
SearchScopes: HKLM-x32 -> {8DB226C8-BEAA-4008-931E-EC2450067D48} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> {9ABD6215-6543-4B66-91F8-5873CF7708C4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> DefaultScope {A32532F0-AECA-4184-8BF1-6832FB4A6594} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> {A32532F0-AECA-4184-8BF1-6832FB4A6594} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1007 -> {8DB226C8-BEAA-4008-931E-EC2450067D48} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2013-03-05] (Sun Microsystems, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-03-05] (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-06-30] (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll => No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2019-01-16] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Updater For XFIN_PORTAL -> {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} -> C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2019-01-16] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-06-30] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
 

RachaelA

TS Rookie
I keep getting errors like spam post when trying to post. Please tell me how to contact admin.

[SIZE=5]The following error occurred:[/SIZE]
Your content can not be submitted. This is likely because your content is spam-like or contains inappropriate elements. Please change your content or try again later. If you still have problems, please contact an administrator.
 

Broni

Malware Annihilator
Welcome aboard


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=====================================

Please attach both files.
 

Broni

Malware Annihilator
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by jsmor_000 (administrator) on HOME-PC (23-01-2019 08:30:03)
Running from C:\Users\jsmor_000\Desktop
Loaded Profiles: Home & jsmor_000 (Available Profiles: Home & jsmor_000)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
() C:\Program Files\pcmax\pcmax.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6160928 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [HP Quick Launch] => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-12] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-11-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-16] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-02-22] (Hewlett-Packard Company)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySqlNotifier.exe [762368 2013-07-05] (Oracle Corporation)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [Steam] => "C:\Program Files (x86)\PIE\Steam\steam.exe" -silent
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [Dropbox Update] => C:\Users\Home\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\MountPoints2: {d4113098-27de-11e4-beae-c80aa98b123f} - "G:\VZW_Software_upgrade_assistant.exe"
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\WINDOWS\SysWOW64\l3codecp.acm [183808 2013-08-21] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [VIDC.FFDS] => ff_vfw.dll
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\Custom64\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-16] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2017-11-01] (Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
IFEO\dropbox.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2019-01-23]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-16]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2014-06-06]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\jsmor_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{204A0868-B3D7-4DE8-89AF-F9A9003EEA91}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4A227A8D-58DE-4BC7-921D-CAC25201CFE1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AB6F3422-4053-469D-A1A2-576CF81A42F2}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C96D715B-E051-44D5-9E78-456F2542A360}: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{D0CFED1C-7C39-402C-959F-C4557795326C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-3873563209-1122956-651633644-1007\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3873563209-1122956-651633644-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {2CBA769A-317D-4FC5-A2EF-D226DD33326B} URL =
SearchScopes: HKLM-x32 -> {8DB226C8-BEAA-4008-931E-EC2450067D48} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> {9ABD6215-6543-4B66-91F8-5873CF7708C4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> DefaultScope {A32532F0-AECA-4184-8BF1-6832FB4A6594} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> {A32532F0-AECA-4184-8BF1-6832FB4A6594} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1007 -> {8DB226C8-BEAA-4008-931E-EC2450067D48} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2013-03-05] (Sun Microsystems, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-03-05] (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-06-30] (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll => No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2019-01-16] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Updater For XFIN_PORTAL -> {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} -> C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2019-01-16] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-06-30] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-21] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-16] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_43 -> C:\Windows\system32\npdeployJava1.dll [2013-03-05] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2013-03-05] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-07-21] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2019-01-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2019-01-16] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1001: @nsroblox.roblox.com/launcher -> C:\Users\Home\AppData\Local\Roblox\Versions\version-d2fd1d56447746e9\\NPRobloxProxy.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Home\AppData\Local\Roblox\Versions\version-d2fd1d56447746e9\\NPRobloxProxy64.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1007: @nsroblox.roblox.com/launcher -> C:\Users\jsmor_000\AppData\Local\Roblox\Versions\version-e1544481252d4990\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default [2019-01-23]
CHR Extension: (Docs) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-17]
CHR Extension: (Google Drive) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-17]
CHR Extension: (YouTube) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-17]
CHR Extension: (Google Search) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-17]
CHR Extension: (Google Docs Offline) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-16]
CHR Extension: (Avast Online Security) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-01-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-17]
CHR Extension: (Gmail) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-16] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-16] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9874528 2019-01-17] (AVAST Software)
S3 fussvc; C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
S4 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
S4 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S4 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [88720 2014-05-05] (Microsoft Corporation)
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-16] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-16] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-16] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-16] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-16] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-16] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-16] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-16] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-16] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-19] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-16] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-16] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-16] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-16] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-16] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-16] (AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
S3 ManyCam; C:\WINDOWS\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-10] (ManyCam LLC)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-16] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-17] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-17] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-23] (Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
U3 idsvc; no ImagePath
S1 MpKslaf8b41fa; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B315FCA1-C16F-465E-A068-27E427C3E3D7}\MpKslaf8b41fa.sys [X]
S1 qxdmsyrs; \??\C:\WINDOWS\system32\drivers\qxdmsyrs.sys [X]
S3 X6va019; \??\C:\WINDOWS\SysWOW64\Drivers\X6va019 [X]
S3 X6va022; \??\C:\WINDOWS\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-23 08:30 - 2019-01-23 08:31 - 000028929 _____ C:\Users\jsmor_000\Desktop\FRST.txt
2019-01-23 08:29 - 2019-01-23 08:30 - 000000000 ____D C:\FRST
2019-01-23 08:29 - 2019-01-23 08:29 - 000000000 ____D C:\Users\jsmor_000\Desktop\FRST-OlderVersion
2019-01-23 08:28 - 2019-01-23 08:29 - 002428416 _____ (Farbar) C:\Users\jsmor_000\Desktop\FRST64.exe
2019-01-17 18:07 - 2019-01-23 05:59 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-17 18:07 - 2019-01-17 18:07 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-17 18:07 - 2019-01-17 18:07 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-17 18:07 - 2019-01-17 18:07 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-17 13:47 - 2019-01-02 14:05 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-17 13:47 - 2019-01-02 14:05 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-17 12:44 - 2018-03-26 18:24 - 000029352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-01-17 12:44 - 2018-03-26 18:17 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-01-17 12:43 - 2018-03-26 18:24 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-01-17 12:43 - 2018-03-26 18:17 - 000030888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-01-17 10:49 - 2018-11-28 03:34 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-01-17 10:49 - 2018-11-28 03:17 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-01-17 10:49 - 2018-10-12 14:51 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-17 10:49 - 2018-06-24 10:04 - 000504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-01-17 10:49 - 2017-12-10 08:46 - 007079424 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2019-01-17 10:49 - 2017-12-10 08:24 - 005275136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2019-01-17 10:49 - 2017-12-10 08:06 - 007797760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-01-17 10:49 - 2017-12-10 07:59 - 005270528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-01-17 10:49 - 2017-02-04 12:19 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2019-01-17 10:49 - 2014-10-28 19:45 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2019-01-17 10:48 - 2018-12-27 18:38 - 002902016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-17 10:48 - 2018-12-27 18:25 - 020279808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-17 10:48 - 2018-12-27 18:02 - 002295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-17 10:48 - 2018-12-27 17:48 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-01-17 10:48 - 2018-12-27 17:48 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-01-17 10:48 - 2018-12-27 17:48 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-01-17 10:48 - 2018-12-27 17:45 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-01-17 10:48 - 2018-12-27 17:33 - 004494848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-01-17 10:48 - 2018-12-27 17:29 - 013680640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-17 10:48 - 2018-12-27 17:29 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-01-17 10:48 - 2018-12-27 17:29 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-01-17 10:48 - 2018-12-27 17:29 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-01-17 10:48 - 2018-12-27 17:22 - 001555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-17 10:48 - 2018-12-27 17:07 - 001329664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-17 10:48 - 2018-12-08 15:22 - 002014152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-17 10:48 - 2018-12-08 00:56 - 001901896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-17 10:48 - 2018-11-28 03:08 - 015441408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-01-17 10:48 - 2018-11-28 03:04 - 013322240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-01-17 10:48 - 2018-11-10 14:42 - 001368584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-01-17 10:48 - 2018-11-10 11:25 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2019-01-17 10:48 - 2018-09-23 11:20 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-01-17 10:48 - 2018-09-23 10:51 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-01-17 10:48 - 2018-05-22 23:13 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2019-01-17 10:48 - 2018-04-07 10:15 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-01-17 10:48 - 2018-03-09 13:57 - 000276816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-01-17 10:48 - 2018-01-02 00:58 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-01-17 10:48 - 2017-11-08 10:55 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2019-01-17 10:48 - 2017-08-06 16:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-01-17 10:48 - 2017-08-06 02:13 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-01-17 10:48 - 2017-05-12 11:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-01-17 10:48 - 2017-05-11 21:48 - 001377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-01-17 10:48 - 2017-04-06 11:35 - 001362432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-01-17 10:48 - 2016-11-10 21:33 - 001541240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-01-17 10:48 - 2016-11-09 12:25 - 001376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-01-17 10:48 - 2014-10-28 22:51 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-01-17 10:47 - 2018-12-27 19:01 - 025738240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-17 10:47 - 2018-12-27 18:31 - 005778944 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-01-17 10:47 - 2018-12-27 17:48 - 015284224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-17 10:47 - 2018-12-27 17:41 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-17 10:47 - 2018-12-27 17:33 - 004860416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-17 10:47 - 2018-12-27 17:24 - 000780800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-17 10:47 - 2018-12-27 17:11 - 004386816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-17 10:47 - 2018-12-08 15:22 - 007371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-17 10:47 - 2018-12-08 03:13 - 002534664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-17 10:47 - 2018-11-28 04:39 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-01-17 10:47 - 2018-11-03 10:25 - 002348032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-01-17 10:47 - 2018-11-03 10:11 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-01-17 10:47 - 2018-10-06 13:14 - 001547192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-01-17 10:47 - 2018-10-06 13:14 - 000388536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-01-17 10:47 - 2018-09-23 11:24 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-01-17 10:47 - 2018-09-23 11:23 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-01-17 10:47 - 2018-09-23 11:00 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-01-17 10:47 - 2018-09-23 10:53 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2019-01-17 10:47 - 2018-09-11 10:30 - 003718144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-01-17 10:47 - 2018-09-08 13:22 - 001737696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-01-17 10:47 - 2018-08-28 00:39 - 001491032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2019-01-17 10:47 - 2018-08-27 22:46 - 001764408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2019-01-17 10:47 - 2018-06-30 13:00 - 001113952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-01-17 10:47 - 2018-06-14 23:34 - 000923512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-01-17 10:47 - 2018-06-08 13:47 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-01-17 10:47 - 2018-06-08 12:54 - 000656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-01-17 10:47 - 2018-06-08 12:53 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-01-17 10:47 - 2018-06-08 11:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-01-17 10:47 - 2018-04-07 10:34 - 002255360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-01-17 10:47 - 2018-03-10 11:21 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2019-01-17 10:47 - 2018-03-10 11:18 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2019-01-17 10:47 - 2018-03-09 16:20 - 000418640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-01-17 10:47 - 2018-01-10 09:48 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-01-17 10:47 - 2018-01-02 01:35 - 000989528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-01-17 10:47 - 2018-01-02 00:38 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2019-01-17 10:47 - 2017-07-07 22:16 - 000086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-01-17 10:47 - 2017-05-11 21:58 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-01-17 10:47 - 2017-01-11 12:28 - 000422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-01-17 10:47 - 2014-10-28 20:20 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2019-01-17 10:46 - 2018-12-08 01:25 - 002173040 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-17 10:46 - 2018-12-08 00:32 - 001563376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-17 10:46 - 2018-12-08 00:06 - 006286336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2019-01-17 10:46 - 2018-12-07 22:49 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-17 10:46 - 2018-10-15 22:39 - 001662504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-01-17 10:46 - 2018-10-15 22:02 - 001214920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-01-17 10:46 - 2018-10-12 15:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-01-17 10:46 - 2018-10-05 12:06 - 001200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-01-17 10:46 - 2018-10-05 11:20 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-01-17 10:46 - 2018-09-23 11:47 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-01-17 10:46 - 2018-09-23 11:45 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-01-17 10:46 - 2018-09-23 11:37 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-01-17 10:46 - 2018-09-23 11:23 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-01-17 10:46 - 2018-09-23 11:17 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-01-17 10:46 - 2018-09-23 10:58 - 000904192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-01-17 10:46 - 2018-09-23 10:56 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-01-17 10:46 - 2018-09-23 10:50 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-01-17 10:46 - 2018-09-12 13:30 - 000137008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-01-17 10:46 - 2018-09-05 10:33 - 013840896 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmms.exe
2019-01-17 10:46 - 2018-09-01 11:43 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-01-17 10:46 - 2018-08-29 23:21 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2019-01-17 10:46 - 2018-08-29 08:51 - 002451800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-01-17 10:46 - 2018-08-21 08:39 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-01-17 10:46 - 2018-07-29 08:44 - 001265664 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-01-17 10:46 - 2018-07-24 08:45 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-01-17 10:46 - 2018-06-24 10:11 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-01-17 10:46 - 2018-06-14 20:26 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-01-17 10:46 - 2018-06-14 20:22 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2019-01-17 10:46 - 2018-06-14 20:19 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-01-17 10:46 - 2018-06-11 11:36 - 003119616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-01-17 10:46 - 2018-06-09 11:26 - 002712064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-01-17 10:46 - 2018-06-08 13:26 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2019-01-17 10:46 - 2018-06-08 12:07 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2019-01-17 10:46 - 2018-05-24 16:29 - 000428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-01-17 10:46 - 2018-04-25 12:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-01-17 10:46 - 2018-04-22 03:06 - 000612600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-01-17 10:46 - 2018-04-07 11:43 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2019-01-17 10:46 - 2018-04-07 11:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2019-01-17 10:46 - 2018-04-06 16:27 - 000376656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-01-17 10:46 - 2018-03-28 20:06 - 002608640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-01-17 10:46 - 2018-03-28 20:05 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
 

Broni

Malware Annihilator
2019-01-17 10:46 - 2018-03-28 19:26 - 002170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-01-17 10:46 - 2018-03-10 11:46 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-01-17 10:46 - 2018-03-10 11:35 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-01-17 10:46 - 2018-03-10 11:22 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2019-01-17 10:46 - 2018-03-10 11:21 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2019-01-17 10:46 - 2018-03-10 11:20 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2019-01-17 10:46 - 2018-03-10 11:18 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-01-17 10:46 - 2018-03-10 11:18 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2019-01-17 10:46 - 2018-03-10 11:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2019-01-17 10:46 - 2018-03-10 11:17 - 002240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2019-01-17 10:46 - 2018-03-10 11:17 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-01-17 10:46 - 2018-02-08 12:40 - 001096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-01-17 10:46 - 2018-01-02 01:37 - 000685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2019-01-17 10:46 - 2018-01-02 00:48 - 000507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2019-01-17 10:46 - 2018-01-02 00:38 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-01-17 10:46 - 2018-01-02 00:37 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2019-01-17 10:46 - 2017-10-05 02:17 - 000380248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-01-17 10:46 - 2017-09-13 20:18 - 001384216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-01-17 10:46 - 2017-09-13 20:14 - 001124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-01-17 10:46 - 2017-09-07 16:32 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2019-01-17 10:46 - 2017-08-17 17:07 - 000537200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-01-17 10:46 - 2017-08-17 17:03 - 000450392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-01-17 10:46 - 2017-06-15 09:14 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2019-01-17 10:46 - 2017-06-15 09:14 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2019-01-17 10:46 - 2017-06-09 08:47 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2019-01-17 10:46 - 2017-05-09 09:37 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2019-01-17 10:46 - 2017-05-09 09:35 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2019-01-17 10:46 - 2017-03-31 18:16 - 001968408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2019-01-17 10:46 - 2017-03-31 16:59 - 001612504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2019-01-17 10:46 - 2017-02-04 12:53 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2019-01-17 10:46 - 2017-01-06 12:25 - 002513408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2019-01-17 10:46 - 2017-01-06 12:04 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2019-01-17 10:46 - 2016-11-12 16:06 - 000738104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2019-01-17 10:46 - 2016-11-12 14:38 - 000613632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2019-01-17 10:46 - 2016-05-12 13:38 - 000135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2019-01-17 10:46 - 2016-05-12 12:43 - 000115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2019-01-17 10:46 - 2014-10-28 19:57 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2019-01-17 10:45 - 2018-12-27 17:47 - 001441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-17 10:45 - 2018-10-15 22:39 - 001063368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-17 10:45 - 2018-10-15 22:18 - 001137472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-01-17 10:45 - 2018-08-13 20:22 - 022374608 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-01-17 10:45 - 2018-08-13 20:19 - 019790752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-01-17 10:45 - 2018-07-24 12:50 - 006522344 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-01-17 10:45 - 2018-06-14 20:55 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-01-17 10:45 - 2018-06-14 20:43 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-01-17 10:45 - 2018-04-22 04:02 - 000803696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-01-17 10:45 - 2017-09-07 14:54 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-01-17 10:45 - 2017-08-17 17:07 - 000140016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-01-17 10:45 - 2017-08-17 17:03 - 000136832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-01-17 10:45 - 2017-04-16 04:07 - 000548032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-17 10:44 - 2018-08-14 14:04 - 004171264 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2019-01-17 10:44 - 2018-08-09 08:16 - 004876800 _____ (Gracenote, Inc.) C:\WINDOWS\system32\gnsdk_fp.dll
2019-01-17 10:44 - 2018-06-19 08:38 - 003611136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-01-17 10:44 - 2018-06-19 08:38 - 003321344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-01-17 10:44 - 2018-06-16 10:03 - 002779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2019-01-17 10:44 - 2018-06-16 09:59 - 002464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000918296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000065880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000021848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000018776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000015704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000015192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000013656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000013152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000063832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000020824 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000019288 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000017752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000017752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000016216 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000014168 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000013656 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-01-17 10:44 - 2018-03-24 09:56 - 007033344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-01-17 10:44 - 2018-01-12 13:31 - 004690944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-01-17 10:44 - 2018-01-02 00:38 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-01-17 10:44 - 2018-01-01 23:17 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-01-17 10:44 - 2018-01-01 22:55 - 003548160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-01-17 10:44 - 2017-09-13 08:31 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2019-01-17 10:44 - 2017-09-09 10:47 - 014466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-01-17 10:44 - 2017-09-09 10:21 - 012879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-01-17 10:44 - 2017-06-13 12:11 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-01-17 10:44 - 2017-06-13 03:03 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-01-17 10:44 - 2017-06-13 02:54 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-01-17 10:44 - 2014-10-28 21:49 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2019-01-17 10:44 - 2014-10-28 21:04 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2019-01-17 10:43 - 2018-12-27 21:12 - 000178128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-17 10:43 - 2018-12-08 01:34 - 001409480 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2019-01-17 10:43 - 2018-12-08 01:34 - 001383880 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-17 10:43 - 2018-12-08 01:34 - 001354184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-17 10:43 - 2018-12-08 01:34 - 001284040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2019-01-17 10:43 - 2018-12-07 09:24 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-17 10:43 - 2018-09-08 13:22 - 001676152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-17 10:43 - 2018-09-08 13:22 - 001536216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-17 10:43 - 2018-09-08 13:22 - 001500528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-17 10:43 - 2018-09-08 13:22 - 001371448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-17 10:43 - 2018-08-27 20:36 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-01-17 10:43 - 2018-08-12 15:25 - 000149632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-01-17 10:43 - 2018-07-26 08:21 - 001602048 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-01-17 10:43 - 2018-05-15 03:42 - 000590680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-01-17 10:43 - 2018-05-12 16:11 - 000532664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-01-17 10:43 - 2018-05-12 16:06 - 000567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-17 10:43 - 2018-03-24 09:54 - 006214144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-01-17 10:43 - 2018-02-10 12:09 - 003757056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2019-01-17 10:43 - 2018-01-11 12:42 - 002923520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2019-01-17 10:43 - 2018-01-02 02:56 - 000397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-01-17 10:43 - 2018-01-02 01:03 - 000341384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-01-17 10:43 - 2017-07-21 08:40 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2019-01-17 10:43 - 2017-07-21 08:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2019-01-17 10:43 - 2017-07-01 08:47 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2019-01-17 10:43 - 2017-07-01 08:47 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-01-17 10:43 - 2016-11-19 16:24 - 000152856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-01-17 10:43 - 2016-08-11 12:17 - 001574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2019-01-17 10:42 - 2018-12-27 17:11 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-01-17 10:42 - 2018-12-27 17:06 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-01-17 10:42 - 2018-11-10 13:54 - 001308456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-01-17 10:42 - 2018-11-10 11:34 - 001754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-01-17 10:42 - 2018-11-10 11:15 - 001491968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-01-17 10:42 - 2018-10-06 10:41 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-01-17 10:42 - 2018-10-06 10:34 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-01-17 10:42 - 2018-09-23 11:00 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-01-17 10:42 - 2018-08-12 09:21 - 001633008 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-01-17 10:42 - 2018-07-24 12:50 - 001488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-01-17 10:42 - 2018-05-15 00:47 - 002334624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-17 10:42 - 2018-05-05 14:05 - 001543800 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2019-01-17 10:42 - 2018-02-10 11:46 - 002412544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2019-01-17 10:42 - 2018-01-12 12:35 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-01-17 10:42 - 2018-01-11 13:19 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2019-01-17 10:42 - 2018-01-11 12:55 - 002003456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2019-01-17 10:42 - 2018-01-01 23:13 - 002252800 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2019-01-17 10:42 - 2017-08-06 16:20 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-01-17 10:42 - 2017-03-03 10:11 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2019-01-17 10:42 - 2017-03-03 10:06 - 001501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2019-01-17 10:42 - 2017-01-14 15:32 - 000955016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-01-17 10:42 - 2016-08-11 20:58 - 002315496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-01-17 10:42 - 2016-08-11 20:58 - 001946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-01-17 10:42 - 2016-07-30 12:12 - 002896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-01-17 10:42 - 2016-07-30 11:36 - 002537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-01-17 10:42 - 2014-10-28 19:46 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2019-01-17 10:41 - 2018-12-27 17:56 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2019-01-17 10:41 - 2018-12-27 17:34 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2019-01-17 10:41 - 2018-07-05 18:17 - 001115648 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-01-17 10:41 - 2018-05-14 23:57 - 002324752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-01-17 10:41 - 2018-05-05 13:15 - 001178136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2019-01-17 10:41 - 2018-03-03 11:24 - 001725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2019-01-17 10:41 - 2018-02-08 12:42 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2019-01-17 10:41 - 2018-01-11 13:28 - 001562624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2019-01-17 10:41 - 2018-01-11 12:13 - 001695744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-01-17 10:41 - 2018-01-09 00:19 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2019-01-17 10:41 - 2018-01-08 23:59 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2019-01-17 10:41 - 2017-10-10 11:39 - 001192960 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-01-17 10:41 - 2017-09-08 12:14 - 003084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2019-01-17 10:41 - 2017-09-08 11:50 - 002471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2019-01-17 10:41 - 2017-01-14 14:18 - 000787688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-01-17 10:41 - 2016-08-03 10:42 - 001317888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-01-17 10:41 - 2016-08-03 10:36 - 001102848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-01-17 10:40 - 2018-12-27 18:36 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-01-17 10:40 - 2018-12-27 18:25 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-17 10:40 - 2018-12-27 18:05 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-01-17 10:40 - 2018-12-27 17:55 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-17 10:40 - 2018-11-10 11:22 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-01-17 10:40 - 2018-08-27 20:36 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-01-17 10:40 - 2018-08-21 08:35 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-01-17 10:40 - 2018-04-07 10:20 - 001707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2019-01-17 10:40 - 2018-03-03 11:18 - 000894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2019-01-17 10:40 - 2018-01-01 23:16 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-01-17 10:40 - 2018-01-01 23:11 - 002268160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdp4vs.dll
2019-01-17 10:40 - 2018-01-01 23:09 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-01-17 10:40 - 2017-10-10 09:58 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-01-17 10:40 - 2017-07-16 18:55 - 003551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2019-01-17 10:40 - 2017-07-01 08:47 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-01-17 10:40 - 2017-07-01 08:47 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-01-17 10:40 - 2017-07-01 08:47 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2019-01-17 10:40 - 2017-07-01 08:47 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-01-17 10:40 - 2017-06-11 16:15 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2019-01-17 10:40 - 2017-06-11 15:40 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2019-01-17 10:40 - 2017-06-06 15:42 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2019-01-17 10:40 - 2017-05-27 11:38 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2019-01-17 10:40 - 2017-01-10 15:46 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-01-17 10:40 - 2017-01-10 14:09 - 001108480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-01-17 10:39 - 2018-12-27 21:12 - 000444368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-17 10:39 - 2018-12-27 17:11 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-17 10:39 - 2018-08-09 11:59 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-01-17 10:39 - 2018-07-06 12:14 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-01-17 10:39 - 2018-07-06 11:22 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-01-17 10:39 - 2018-06-14 21:12 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2019-01-17 10:39 - 2018-05-05 11:38 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-01-17 10:39 - 2018-04-07 10:10 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2019-01-17 10:39 - 2018-03-24 10:40 - 001171456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2019-01-17 10:39 - 2018-03-24 10:22 - 001086976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2019-01-17 10:39 - 2018-03-03 11:04 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2019-01-17 10:39 - 2018-02-10 14:25 - 000533856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-01-17 10:39 - 2018-02-08 13:21 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2019-01-17 10:39 - 2018-02-08 12:03 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2019-01-17 10:39 - 2018-01-01 23:29 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-01-17 10:39 - 2018-01-01 22:56 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-01-17 10:39 - 2017-07-12 15:29 - 000420440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-01-17 10:39 - 2017-06-13 12:07 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2019-01-17 10:39 - 2017-06-11 17:21 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2019-01-17 10:39 - 2017-06-06 14:03 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2019-01-17 10:39 - 2017-06-02 07:06 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-01-17 10:38 - 2018-12-27 19:24 - 000333768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-17 10:38 - 2018-12-27 17:05 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-17 10:38 - 2018-09-07 12:39 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2019-01-17 10:38 - 2018-09-07 11:51 - 002849280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2019-01-17 10:38 - 2018-06-27 13:10 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2019-01-17 10:38 - 2018-05-14 21:51 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-01-17 10:38 - 2018-05-05 11:23 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-01-17 10:38 - 2018-02-08 12:27 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2019-01-17 10:38 - 2018-01-01 23:34 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-01-17 10:38 - 2018-01-01 23:25 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-01-17 10:38 - 2018-01-01 23:17 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2019-01-17 10:38 - 2018-01-01 23:07 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-01-17 10:38 - 2017-09-06 16:17 - 000461144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2019-01-17 10:38 - 2017-07-17 14:53 - 004298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2019-01-17 10:38 - 2017-07-12 15:25 - 000308872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-01-17 10:38 - 2017-06-11 16:25 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2019-01-17 10:38 - 2017-05-31 16:20 - 000470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-01-17 10:38 - 2017-02-04 12:32 - 000584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2019-01-17 10:38 - 2017-02-04 12:05 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2019-01-17 10:38 - 2017-02-01 14:44 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-01-17 10:38 - 2017-01-12 11:51 - 000274776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2019-01-17 10:38 - 2016-10-08 17:07 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2019-01-17 10:38 - 2016-10-04 23:15 - 000324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-01-17 10:38 - 2016-09-01 09:33 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2019-01-17 10:38 - 2016-08-25 15:50 - 000747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2019-01-17 10:38 - 2016-08-25 14:40 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2019-01-17 10:38 - 2014-10-28 20:52 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-01-17 10:37 - 2018-11-10 13:53 - 000356088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-01-17 10:37 - 2018-10-11 21:10 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2019-01-17 10:37 - 2018-09-23 11:45 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2019-01-17 10:37 - 2018-08-23 17:54 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-01-17 10:37 - 2018-06-26 10:25 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2019-01-17 10:37 - 2018-06-26 10:14 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2019-01-17 10:37 - 2018-05-14 22:05 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-01-17 10:37 - 2018-05-14 21:57 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-01-17 10:37 - 2018-05-03 18:02 - 000439640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2019-01-17 10:37 - 2018-04-10 12:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\synthstor.dll
2019-01-17 10:37 - 2018-03-28 19:24 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2019-01-17 10:37 - 2018-03-24 10:34 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2019-01-17 10:37 - 2018-03-03 12:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2019-01-17 10:37 - 2018-03-03 11:18 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2019-01-17 10:37 - 2018-03-03 11:04 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2019-01-17 10:37 - 2018-02-10 14:29 - 000274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-01-17 10:37 - 2018-01-02 03:00 - 000242520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2019-01-17 10:37 - 2018-01-02 03:00 - 000214392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-01-17 10:37 - 2018-01-02 01:39 - 000354648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-01-17 10:37 - 2018-01-01 23:18 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-01-17 10:37 - 2018-01-01 23:16 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-01-17 10:37 - 2018-01-01 23:06 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-01-17 10:37 - 2017-12-14 18:26 - 000374096 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-01-17 10:37 - 2017-12-14 16:39 - 000315736 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2019-01-17 10:37 - 2017-12-05 11:10 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-01-17 10:37 - 2017-12-05 11:02 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll
2019-01-17 10:37 - 2017-09-13 08:27 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2019-01-17 10:37 - 2017-08-13 10:52 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2019-01-17 10:37 - 2017-08-11 16:19 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrptadm.dll
2019-01-17 10:37 - 2017-08-11 16:14 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrptadm.dll
2019-01-17 10:37 - 2017-08-10 22:27 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-01-17 10:37 - 2017-06-24 11:46 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2019-01-17 10:37 - 2017-06-24 11:16 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2019-01-17 10:37 - 2017-06-13 03:07 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2019-01-17 10:37 - 2017-06-11 16:43 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2019-01-17 10:37 - 2017-06-11 16:07 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2019-01-17 10:37 - 2017-06-11 15:58 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2019-01-17 10:37 - 2017-06-11 15:13 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2019-01-17 10:37 - 2017-06-06 15:35 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-01-17 10:37 - 2017-06-06 14:11 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2019-01-17 10:37 - 2017-06-06 13:56 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-01-17 10:37 - 2017-06-06 13:02 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2019-01-17 10:37 - 2017-05-09 09:28 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2019-01-17 10:37 - 2017-03-09 15:52 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2019-01-17 10:37 - 2017-03-09 14:17 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2019-01-17 10:37 - 2017-02-11 11:49 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2019-01-17 10:37 - 2017-01-21 14:27 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2019-01-17 10:37 - 2017-01-21 13:40 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2019-01-17 10:37 - 2016-10-11 15:21 - 000497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-01-17 10:37 - 2016-10-11 15:21 - 000399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-01-17 10:37 - 2016-10-10 13:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2019-01-17 10:37 - 2016-10-09 17:59 - 000551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-01-17 10:37 - 2016-10-08 16:21 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2019-01-17 10:37 - 2016-10-04 23:15 - 000245320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-01-17 10:37 - 2016-09-02 09:05 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2019-01-17 10:37 - 2016-08-03 10:36 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2019-01-17 10:37 - 2016-08-03 10:33 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2019-01-17 10:37 - 2014-10-28 21:11 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2019-01-17 10:36 - 2018-12-27 18:17 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2019-01-17 10:36 - 2018-12-27 17:50 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2019-01-17 10:36 - 2018-12-27 17:49 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2019-01-17 10:36 - 2018-12-27 17:31 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2019-01-17 10:36 - 2018-10-24 19:46 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2019-01-17 10:36 - 2018-10-24 19:45 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2019-01-17 10:36 - 2018-10-12 15:25 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2019-01-17 10:36 - 2018-10-12 15:16 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2019-01-17 10:36 - 2018-10-12 15:16 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2019-01-17 10:36 - 2018-10-11 20:58 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2019-01-17 10:36 - 2018-10-05 10:18 - 000513376 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-01-17 10:36 - 2018-10-05 10:18 - 000513376 _____ C:\WINDOWS\system32\locale.nls
2019-01-17 10:36 - 2018-08-12 12:07 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-01-17 10:36 - 2018-08-12 11:32 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-01-17 10:36 - 2018-08-09 11:41 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-01-17 10:36 - 2018-07-24 12:50 - 000261408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-01-17 10:36 - 2018-05-14 23:04 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-01-17 10:36 - 2018-04-15 11:55 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2019-01-17 10:36 - 2018-04-15 11:16 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2019-01-17 10:36 - 2018-04-10 13:27 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2019-01-17 10:36 - 2018-04-10 12:43 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\synthfcvdev.dll
2019-01-17 10:36 - 2018-04-10 12:01 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2019-01-17 10:36 - 2018-03-24 10:57 - 001101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2019-01-17 10:36 - 2018-03-10 15:55 - 000137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2019-01-17 10:36 - 2018-03-10 14:04 - 000120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2019-01-17 10:36 - 2018-03-07 18:46 - 000202576 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2019-01-17 10:36 - 2018-03-07 18:42 - 000174928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2019-01-17 10:36 - 2018-03-03 12:04 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2019-01-17 10:36 - 2018-02-08 13:18 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2019-01-17 10:36 - 2018-02-08 13:18 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2019-01-17 10:36 - 2018-01-12 13:18 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2019-01-17 10:36 - 2018-01-12 12:26 - 000393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2019-01-17 10:36 - 2018-01-11 13:39 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2019-01-17 10:36 - 2018-01-11 13:34 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2019-01-17 10:36 - 2018-01-11 13:10 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2019-01-17 10:36 - 2018-01-11 13:04 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2019-01-17 10:36 - 2018-01-02 01:05 - 000164296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-01-17 10:36 - 2018-01-02 00:40 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-01-17 10:36 - 2018-01-02 00:34 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-01-17 10:36 - 2018-01-01 23:34 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2019-01-17 10:36 - 2018-01-01 23:33 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-01-17 10:36 - 2018-01-01 23:32 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-01-17 10:36 - 2018-01-01 23:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-01-17 10:36 - 2018-01-01 23:13 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-01-17 10:36 - 2018-01-01 23:12 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2019-01-17 10:36 - 2018-01-01 23:11 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2019-01-17 10:36 - 2018-01-01 22:59 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-01-17 10:36 - 2018-01-01 22:57 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2019-01-17 10:36 - 2017-12-05 11:45 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2019-01-17 10:36 - 2017-12-05 10:58 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll
2019-01-17 10:36 - 2017-12-05 10:24 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2019-01-17 10:36 - 2017-09-09 12:38 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2019-01-17 10:36 - 2017-09-09 08:13 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2019-01-17 10:36 - 2017-09-09 08:13 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2019-01-17 10:36 - 2017-09-06 18:07 - 000158552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2019-01-17 10:36 - 2017-08-10 20:41 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2019-01-17 10:36 - 2017-08-01 22:17 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2019-01-17 10:36 - 2017-07-08 13:43 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2019-01-17 10:36 - 2017-07-07 22:46 - 000377688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys
2019-01-17 10:36 - 2017-07-01 08:47 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2019-01-17 10:36 - 2017-07-01 08:47 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2019-01-17 10:36 - 2017-06-06 15:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2019-01-17 10:36 - 2017-06-06 14:13 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2019-01-17 10:36 - 2017-06-06 14:11 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2019-01-17 10:36 - 2017-06-06 14:11 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2019-01-17 10:36 - 2017-06-06 13:57 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2019-01-17 10:36 - 2017-06-06 13:03 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2019-01-17 10:36 - 2017-06-06 13:02 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2019-01-17 10:36 - 2017-06-06 13:02 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2019-01-17 10:36 - 2017-05-02 13:31 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2019-01-17 10:36 - 2017-04-06 12:16 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2019-01-17 10:36 - 2017-03-13 11:38 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmitomi.dll
2019-01-17 10:36 - 2017-03-13 11:13 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmitomi.dll
2019-01-17 10:36 - 2017-02-11 11:42 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2019-01-17 10:36 - 2016-12-24 19:48 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2019-01-17 10:36 - 2016-11-19 12:22 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-01-17 10:36 - 2016-10-09 09:17 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2019-01-17 10:36 - 2016-09-02 09:05 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2019-01-17 10:36 - 2014-10-28 19:59 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2019-01-17 10:35 - 2018-10-24 19:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2019-01-17 10:35 - 2018-10-11 20:58 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2019-01-17 10:35 - 2018-10-06 11:13 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-01-17 10:35 - 2018-08-09 12:40 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-01-17 10:35 - 2018-07-18 08:34 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2019-01-17 10:35 - 2018-04-07 10:41 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2019-01-17 10:35 - 2018-04-07 10:23 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2019-01-17 10:35 - 2018-04-07 10:06 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2019-01-17 10:35 - 2018-02-10 12:01 - 000617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2019-01-17 10:35 - 2018-02-08 12:42 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2019-01-17 10:35 - 2018-02-08 12:24 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2019-01-17 10:35 - 2018-02-08 12:03 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2019-01-17 10:35 - 2018-01-02 00:19 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2019-01-17 10:35 - 2018-01-01 23:45 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2019-01-17 10:35 - 2018-01-01 23:22 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2019-01-17 10:35 - 2018-01-01 23:08 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-01-17 10:35 - 2018-01-01 23:05 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2019-01-17 10:35 - 2017-12-13 00:39 - 000093008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeyboardFilterSvc.dll
2019-01-17 10:35 - 2017-09-06 09:14 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2019-01-17 10:35 - 2017-08-19 12:27 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2019-01-17 10:35 - 2017-08-19 11:48 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2019-01-17 10:35 - 2017-08-11 15:13 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-01-17 10:35 - 2017-08-10 20:49 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2019-01-17 10:35 - 2017-04-30 11:48 - 000080078 _____ C:\WINDOWS\system32\normidna.nls
2019-01-17 10:35 - 2017-03-04 14:06 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2019-01-17 10:35 - 2017-03-04 13:15 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2019-01-17 10:35 - 2017-01-14 12:49 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-01-17 10:35 - 2017-01-12 11:51 - 000117592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2019-01-17 10:35 - 2016-12-24 18:39 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2019-01-17 10:35 - 2016-10-11 12:47 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2019-01-17 10:35 - 2016-10-11 11:55 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2019-01-17 10:35 - 2016-09-17 13:16 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2019-01-17 10:35 - 2016-09-17 12:21 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2019-01-17 10:35 - 2016-02-02 12:51 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2019-01-17 10:35 - 2016-02-02 12:19 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2019-01-17 10:34 - 2018-10-24 19:51 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2019-01-17 10:34 - 2018-10-06 11:43 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-01-17 10:34 - 2018-08-13 16:17 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbusr.sys
2019-01-17 10:34 - 2018-06-20 11:58 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-01-17 10:34 - 2018-05-03 18:02 - 000187728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2019-01-17 10:34 - 2018-03-28 20:33 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2019-01-17 10:34 - 2018-02-08 13:03 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-01-17 10:34 - 2018-02-08 12:49 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2019-01-17 10:34 - 2018-01-11 13:10 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll
2019-01-17 10:34 - 2018-01-02 00:38 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-01-17 10:34 - 2018-01-02 00:38 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2019-01-17 10:34 - 2018-01-01 23:09 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-01-17 10:34 - 2017-11-07 15:46 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2019-01-17 10:34 - 2017-10-10 11:36 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-01-17 10:34 - 2017-10-10 11:29 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2019-01-17 10:34 - 2017-07-12 15:25 - 000066112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2019-01-17 10:34 - 2017-07-07 22:14 - 000100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
 

Broni

Malware Annihilator
2019-01-17 10:34 - 2017-06-06 14:11 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2019-01-17 10:34 - 2017-06-06 13:02 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2019-01-17 10:34 - 2017-03-03 10:10 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2019-01-17 10:34 - 2017-03-03 10:04 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2019-01-17 10:34 - 2017-02-04 12:17 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2019-01-17 10:34 - 2016-10-09 09:08 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2019-01-17 10:34 - 2016-10-09 09:08 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2019-01-17 10:34 - 2016-09-09 09:03 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2019-01-17 10:34 - 2016-09-09 09:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2019-01-17 10:34 - 2016-09-08 09:00 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-01-17 10:34 - 2016-09-03 13:06 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2019-01-17 10:34 - 2016-08-11 13:33 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys
2019-01-17 10:34 - 2016-07-23 13:12 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2019-01-17 10:34 - 2016-03-03 11:45 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsif.dll
2019-01-17 10:34 - 2014-11-07 22:24 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2019-01-17 10:34 - 2014-11-04 01:27 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-01-17 10:34 - 2014-10-28 20:54 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2019-01-17 10:34 - 2014-10-28 20:52 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2019-01-17 10:34 - 2014-10-28 20:20 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2019-01-17 10:34 - 2014-10-28 20:14 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2019-01-17 10:34 - 2014-10-28 19:55 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2019-01-17 10:34 - 2014-10-08 01:54 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsntfy.dll
2019-01-17 10:33 - 2018-12-08 14:00 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-17 10:33 - 2018-09-28 08:38 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2019-01-17 10:33 - 2018-08-13 08:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-01-17 10:33 - 2018-08-09 11:41 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2019-01-17 10:33 - 2018-06-20 11:58 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-01-17 10:33 - 2018-04-07 10:01 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2019-01-17 10:33 - 2018-04-05 12:47 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc63.sys
2019-01-17 10:33 - 2018-03-10 12:47 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-01-17 10:33 - 2018-03-07 13:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll
2019-01-17 10:33 - 2018-03-03 11:15 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2019-01-17 10:33 - 2018-02-08 13:53 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2019-01-17 10:33 - 2018-01-11 13:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll
2019-01-17 10:33 - 2018-01-02 02:56 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-01-17 10:33 - 2018-01-02 00:39 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-01-17 10:33 - 2017-12-05 11:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2019-01-17 10:33 - 2017-11-07 16:15 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2019-01-17 10:33 - 2017-10-10 10:42 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2019-01-17 10:33 - 2017-07-12 15:29 - 000075440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2019-01-17 10:33 - 2017-06-06 15:38 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2019-01-17 10:33 - 2017-06-06 13:59 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2019-01-17 10:33 - 2017-05-15 17:09 - 000057688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-01-17 10:33 - 2017-05-10 13:19 - 000101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2019-01-17 10:33 - 2017-03-04 14:24 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-01-17 10:33 - 2017-02-10 09:37 - 000046600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2019-01-17 10:33 - 2017-02-04 12:50 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2019-01-17 10:33 - 2016-09-12 17:03 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-01-17 10:33 - 2016-09-12 16:01 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-01-17 10:33 - 2016-08-30 09:11 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2019-01-17 10:33 - 2016-08-29 21:45 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2019-01-17 10:33 - 2016-08-12 19:05 - 009323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2019-01-17 10:33 - 2016-08-12 17:19 - 009323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2019-01-17 10:33 - 2016-06-25 13:13 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2019-01-17 10:33 - 2014-11-07 21:48 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2019-01-17 10:33 - 2014-10-28 21:42 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmiv2.dll
2019-01-17 10:33 - 2014-10-28 21:34 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistAD.dll
2019-01-17 10:33 - 2014-10-28 21:30 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditPolicyGPInterop.dll
2019-01-17 10:33 - 2014-10-28 21:00 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-01-17 10:33 - 2014-10-28 20:58 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmiv2.dll
2019-01-17 10:33 - 2014-10-28 20:54 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2019-01-17 10:33 - 2014-10-28 20:52 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdhui.dll
2019-01-17 10:33 - 2014-10-28 20:48 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditPolicyGPInterop.dll
2019-01-17 10:33 - 2014-10-28 20:46 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCardDlg.dll
2019-01-17 10:33 - 2014-10-28 20:26 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2019-01-17 10:32 - 2018-12-08 06:23 - 000121272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-17 10:32 - 2018-09-28 08:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2019-01-17 10:32 - 2018-06-20 13:48 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-01-17 10:32 - 2018-06-19 08:31 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2019-01-17 10:32 - 2018-05-15 00:47 - 000244304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-01-17 10:32 - 2018-05-03 18:02 - 000325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-01-17 10:32 - 2018-04-05 12:38 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetVscCoinstall.dll
2019-01-17 10:32 - 2018-03-08 14:53 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys
2019-01-17 10:32 - 2018-03-07 14:28 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsnmp32.dll
2019-01-17 10:32 - 2018-02-21 16:09 - 000022816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbldfltr.sys
2019-01-17 10:32 - 2018-01-02 00:39 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2019-01-17 10:32 - 2018-01-02 00:39 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2019-01-17 10:32 - 2018-01-01 23:57 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2019-01-17 10:32 - 2018-01-01 23:33 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-01-17 10:32 - 2018-01-01 23:33 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-01-17 10:32 - 2017-12-10 08:58 - 000035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2019-01-17 10:32 - 2017-08-13 12:19 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2019-01-17 10:32 - 2017-07-08 13:30 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2019-01-17 10:32 - 2017-06-13 12:16 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2019-01-17 10:32 - 2017-06-13 03:10 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2019-01-17 10:32 - 2017-05-09 09:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2019-01-17 10:32 - 2017-05-09 09:28 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2019-01-17 10:32 - 2017-05-02 13:41 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-01-17 10:32 - 2017-05-02 12:35 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2019-01-17 10:32 - 2016-09-03 12:21 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll
2019-01-17 10:32 - 2016-08-12 16:17 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2019-01-17 10:32 - 2016-02-02 12:01 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2019-01-17 10:32 - 2016-02-02 11:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2019-01-17 10:32 - 2014-11-07 22:56 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2019-01-17 10:32 - 2014-11-07 22:13 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2019-01-17 10:32 - 2014-10-28 22:51 - 000033032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
2019-01-17 10:32 - 2014-10-28 22:51 - 000024800 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2019-01-17 10:32 - 2014-10-28 22:05 - 000026304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
2019-01-17 10:32 - 2014-10-28 22:05 - 000020120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2019-01-17 10:32 - 2014-10-28 21:33 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshcon.dll
2019-01-17 10:32 - 2014-10-28 21:24 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2019-01-17 10:32 - 2014-10-28 21:12 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfmon.exe
2019-01-17 10:32 - 2014-10-28 20:53 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\traffic.dll
2019-01-17 10:32 - 2014-10-28 20:51 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshcon.dll
2019-01-17 10:32 - 2014-10-28 20:48 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsicli.exe
2019-01-17 10:32 - 2014-10-28 20:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2019-01-17 10:32 - 2014-10-28 20:35 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfmon.exe
2019-01-17 10:32 - 2014-10-28 20:21 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2019-01-17 10:32 - 2014-10-28 20:21 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2019-01-17 10:32 - 2014-10-28 20:00 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2019-01-17 10:31 - 2018-10-11 21:16 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dispex.dll
2019-01-17 10:31 - 2018-08-13 08:29 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-01-17 10:31 - 2018-06-20 11:58 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-01-17 10:31 - 2018-06-19 08:29 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2019-01-17 10:31 - 2018-05-23 00:45 - 000027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-01-17 10:31 - 2018-04-26 08:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-01-17 10:31 - 2018-04-26 08:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-01-17 10:31 - 2018-02-10 14:29 - 000124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NV_AGP.SYS
2019-01-17 10:31 - 2018-02-10 14:29 - 000065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ULIAGPKX.SYS
2019-01-17 10:31 - 2018-02-10 14:29 - 000062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AGP440.sys
2019-01-17 10:31 - 2018-02-10 14:29 - 000021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2019-01-17 10:31 - 2018-02-10 14:29 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-01-17 10:31 - 2018-02-10 11:30 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2019-01-17 10:31 - 2018-01-01 23:11 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2019-01-17 10:31 - 2017-12-14 05:17 - 000044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2019-01-17 10:31 - 2017-09-07 16:31 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2019-01-17 10:31 - 2017-09-07 14:20 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2019-01-17 10:31 - 2017-08-10 20:57 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2019-01-17 10:31 - 2017-07-22 13:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2019-01-17 10:31 - 2017-07-22 12:32 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2019-01-17 10:31 - 2017-07-14 13:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-01-17 10:31 - 2017-06-06 15:36 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\convert.exe
2019-01-17 10:31 - 2017-01-12 10:13 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pvhdparser.sys
2019-01-17 10:31 - 2017-01-12 10:03 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
2019-01-17 10:31 - 2016-10-10 13:18 - 000069976 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2019-01-17 10:31 - 2016-09-03 13:20 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll
2019-01-17 10:31 - 2016-08-12 17:35 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-01-17 10:31 - 2016-07-23 13:18 - 001220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2019-01-17 10:31 - 2014-11-07 22:56 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2019-01-17 10:31 - 2014-11-07 22:13 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2019-01-17 10:31 - 2014-11-07 22:13 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2019-01-17 10:31 - 2014-10-28 23:09 - 000033600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-01-17 10:31 - 2014-10-28 21:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\traffic.dll
2019-01-17 10:31 - 2014-10-28 21:29 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsicli.exe
2019-01-17 10:31 - 2014-10-28 21:18 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditNativeSnapIn.dll
2019-01-17 10:31 - 2014-10-28 21:18 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2019-01-17 10:31 - 2014-10-28 21:17 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcsPlugInService.dll
2019-01-17 10:31 - 2014-10-28 21:16 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2019-01-17 10:31 - 2014-10-28 21:11 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistHttpTrans.dll
2019-01-17 10:31 - 2014-10-28 20:58 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\convert.exe
2019-01-17 10:31 - 2014-10-28 20:39 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditNativeSnapIn.dll
2019-01-17 10:31 - 2014-10-28 20:39 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2019-01-17 10:31 - 2014-10-28 20:38 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcsPlugInService.dll
2019-01-17 10:31 - 2014-10-28 20:37 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2019-01-17 10:31 - 2014-10-28 20:29 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2019-01-17 10:31 - 2014-10-28 20:28 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshqos.dll
2019-01-17 10:31 - 2014-10-28 20:26 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetEvtFwdr.exe
2019-01-17 10:31 - 2014-10-28 20:25 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2019-01-17 10:31 - 2014-10-28 20:05 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshqos.dll
2019-01-17 10:31 - 2014-10-28 20:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2019-01-17 10:30 - 2018-05-14 23:17 - 000032640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-01-17 10:30 - 2018-03-28 20:21 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2019-01-17 10:30 - 2018-03-08 13:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2019-01-17 10:30 - 2018-02-10 11:44 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2019-01-17 10:30 - 2018-02-01 13:51 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2019-01-17 10:30 - 2018-01-09 01:06 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2019-01-17 10:30 - 2018-01-02 00:39 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-01-17 10:30 - 2017-07-14 15:08 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-01-17 10:30 - 2017-07-08 14:03 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2019-01-17 10:30 - 2017-07-08 12:29 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2019-01-17 10:30 - 2017-05-09 09:29 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2019-01-17 10:30 - 2017-04-09 15:40 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-01-17 10:30 - 2017-04-09 14:00 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspiper.dll
2019-01-17 10:30 - 2017-04-06 10:44 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-01-17 10:30 - 2016-10-04 15:08 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-01-17 10:30 - 2016-08-12 19:01 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2019-01-17 10:30 - 2016-08-11 13:33 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2019-01-17 10:30 - 2014-11-07 22:56 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2019-01-17 10:30 - 2014-10-28 21:44 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\idndl.dll
2019-01-17 10:30 - 2014-10-28 21:43 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsied.dll
2019-01-17 10:30 - 2014-10-28 21:42 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2019-01-17 10:30 - 2014-10-28 21:40 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\sccls.dll
2019-01-17 10:30 - 2014-10-28 21:35 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdhui.dll
2019-01-17 10:30 - 2014-10-28 21:00 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\idndl.dll
2019-01-17 10:30 - 2014-10-28 20:58 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2019-01-17 10:30 - 2014-10-28 20:58 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsied.dll
2019-01-17 10:30 - 2014-10-28 20:56 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dispex.dll
2019-01-17 10:30 - 2014-10-28 20:26 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapPeerProxy.dll
2019-01-17 10:30 - 2014-10-28 20:26 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapAuthProxy.dll
2019-01-17 10:30 - 2014-10-28 20:19 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2019-01-17 10:30 - 2014-10-28 20:05 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2019-01-17 10:30 - 2014-10-28 19:59 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2019-01-17 10:29 - 2018-06-27 12:48 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2019-01-17 10:29 - 2018-01-09 00:32 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2019-01-17 10:29 - 2018-01-02 00:31 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2019-01-17 10:29 - 2018-01-02 00:28 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-01-17 10:29 - 2017-08-10 21:16 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2019-01-17 10:29 - 2016-08-12 19:03 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys
2019-01-17 10:29 - 2014-10-28 21:43 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2019-01-17 10:29 - 2014-10-28 21:42 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshnetbs.dll
2019-01-17 10:29 - 2014-10-28 21:33 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetppui.dll
2019-01-17 10:29 - 2014-10-28 21:25 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\resmon.exe
2019-01-17 10:29 - 2014-10-28 20:45 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resmon.exe
2019-01-17 10:29 - 2014-10-28 20:28 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2019-01-17 10:29 - 2014-10-28 20:05 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2019-01-17 10:28 - 2018-08-25 23:07 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2019-01-17 10:28 - 2018-08-25 23:07 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2019-01-17 10:28 - 2018-06-20 13:48 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fxppm.sys
2019-01-17 10:28 - 2018-03-08 13:15 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2019-01-17 10:28 - 2017-12-05 11:56 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2019-01-17 10:28 - 2016-08-12 19:02 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2019-01-17 10:28 - 2016-08-11 13:33 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys
2019-01-17 10:28 - 2014-11-07 23:00 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-01-17 10:28 - 2014-10-28 21:45 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\normaliz.dll
2019-01-17 10:28 - 2014-10-28 21:00 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\normaliz.dll
2019-01-17 10:27 - 2018-03-10 12:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-01-17 10:27 - 2018-03-10 12:43 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2019-01-17 10:27 - 2017-01-21 14:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\auditpolmsg.dll
2019-01-17 10:27 - 2017-01-21 14:27 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2019-01-17 10:27 - 2017-01-21 13:40 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\auditpolmsg.dll
2019-01-17 10:27 - 2017-01-21 13:40 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2019-01-17 10:27 - 2016-07-26 08:40 - 000162850 _____ C:\WINDOWS\SysWOW64\C_932.NLS
2019-01-17 10:27 - 2016-07-26 08:40 - 000162850 _____ C:\WINDOWS\system32\C_932.NLS
2019-01-17 09:33 - 2016-08-22 11:06 - 000179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2019-01-17 09:33 - 2016-08-22 11:06 - 000100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2019-01-17 09:33 - 2016-08-20 17:55 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2019-01-17 09:33 - 2016-05-12 11:17 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2019-01-17 09:33 - 2016-05-12 11:12 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2019-01-17 09:33 - 2016-05-12 11:08 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2019-01-17 09:33 - 2016-05-12 10:59 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2019-01-17 09:33 - 2016-05-12 10:43 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2019-01-17 09:33 - 2016-05-12 10:40 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2019-01-17 09:33 - 2016-05-12 10:37 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2019-01-17 09:33 - 2016-04-09 16:58 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-01-17 09:33 - 2016-04-09 16:50 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-01-17 09:33 - 2016-02-06 13:08 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2019-01-17 09:33 - 2016-02-05 14:07 - 000292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2019-01-17 09:33 - 2016-02-05 14:07 - 000243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2019-01-17 09:33 - 2016-01-10 12:50 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2019-01-17 09:33 - 2016-01-10 12:16 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-01-17 09:33 - 2016-01-10 12:14 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2019-01-17 09:33 - 2016-01-10 12:12 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2019-01-17 09:33 - 2016-01-10 11:51 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-01-17 09:33 - 2016-01-10 11:49 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2019-01-17 09:33 - 2014-10-28 22:51 - 000047024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2019-01-17 09:33 - 2014-10-28 21:48 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2019-01-17 09:33 - 2014-10-28 21:45 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2019-01-17 09:33 - 2014-10-28 21:45 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2019-01-17 09:33 - 2014-10-28 21:33 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LAPRXY.DLL
2019-01-17 09:33 - 2014-10-28 21:08 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2019-01-17 09:33 - 2014-10-28 20:51 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LAPRXY.DLL
2019-01-17 09:33 - 2014-10-28 20:32 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2019-01-17 09:33 - 2014-10-28 20:27 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.exe
2019-01-17 09:33 - 2014-10-28 20:25 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipsec.dll
2019-01-17 09:33 - 2014-10-28 20:04 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.exe
2019-01-17 09:33 - 2014-10-28 20:02 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipsec.dll
2019-01-17 09:32 - 2016-08-12 19:04 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2019-01-17 09:32 - 2016-06-21 13:32 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-01-17 09:32 - 2016-06-21 09:12 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-01-17 09:32 - 2016-01-31 14:16 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2019-01-17 09:32 - 2015-12-28 16:42 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2019-01-17 09:32 - 2015-12-28 15:31 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2019-01-17 09:32 - 2014-10-28 20:24 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-01-17 09:30 - 2018-10-12 14:47 - 001049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2019-01-17 09:30 - 2018-10-11 21:01 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2019-01-17 09:30 - 2018-10-11 20:12 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2019-01-17 09:30 - 2018-07-18 23:33 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2019-01-17 09:30 - 2018-07-18 23:22 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2019-01-17 09:30 - 2018-07-18 23:21 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-01-17 09:30 - 2018-07-18 23:03 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2019-01-17 09:30 - 2018-07-18 22:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2019-01-17 09:30 - 2018-07-18 22:54 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-01-17 09:30 - 2018-02-16 10:51 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2019-01-17 09:30 - 2018-02-16 10:51 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2019-01-17 09:30 - 2018-02-16 10:28 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2019-01-17 09:30 - 2018-02-16 10:24 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2019-01-17 09:30 - 2018-02-16 10:24 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2019-01-17 09:30 - 2018-02-16 09:37 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2019-01-17 09:30 - 2018-02-16 09:37 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2019-01-17 09:30 - 2018-02-10 12:03 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2019-01-17 09:30 - 2018-01-02 00:28 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2019-01-17 09:30 - 2018-01-02 00:17 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2019-01-17 09:30 - 2018-01-02 00:06 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2019-01-17 09:30 - 2018-01-01 23:56 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2019-01-17 09:30 - 2018-01-01 23:51 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2019-01-17 09:30 - 2018-01-01 23:44 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2019-01-17 09:30 - 2018-01-01 23:34 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2019-01-17 09:30 - 2018-01-01 23:27 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2019-01-17 09:30 - 2017-04-16 03:10 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2019-01-17 09:30 - 2017-04-16 02:29 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2019-01-17 09:11 - 2016-05-14 15:01 - 000363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-01-17 09:11 - 2016-05-14 15:01 - 000320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-01-17 09:11 - 2016-05-13 16:58 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2019-01-17 09:11 - 2016-05-13 16:35 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2019-01-17 09:10 - 2016-04-11 01:21 - 000074584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2019-01-17 09:10 - 2016-03-03 11:13 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2019-01-17 09:09 - 2016-02-04 12:24 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2019-01-17 09:09 - 2016-02-04 12:02 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2019-01-17 09:04 - 2016-08-11 11:26 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2019-01-17 09:04 - 2016-08-11 11:17 - 000627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-01-17 09:04 - 2016-08-11 11:16 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-01-17 09:04 - 2014-10-28 21:17 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2019-01-16 20:30 - 2019-01-16 20:30 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\mbam
2019-01-16 20:29 - 2019-01-16 20:29 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\mbamtray
2019-01-16 20:27 - 2019-01-16 20:27 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-16 20:24 - 2019-01-16 20:24 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-16 20:24 - 2019-01-16 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-16 20:24 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-16 18:50 - 2018-06-08 08:15 - 002860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-01-16 17:34 - 2019-01-16 17:35 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\Glyph
2019-01-16 15:39 - 2019-01-16 15:39 - 000003936 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
2019-01-16 15:39 - 2019-01-16 15:39 - 000001227 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2019-01-16 15:38 - 2019-01-16 15:38 - 000000000 ____D C:\Users\jsmor_000\AppData\Roaming\Sun
2019-01-16 15:38 - 2019-01-16 15:38 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2019-01-16 14:48 - 2019-01-16 15:40 - 000000000 ____D C:\Users\jsmor_000\AppData\Roaming\AVAST Software
2019-01-16 14:47 - 2019-01-16 14:47 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\AVAST Software
2019-01-16 14:46 - 2019-01-16 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-01-16 14:46 - 2019-01-16 14:46 - 000002087 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-16 14:41 - 2019-01-16 14:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-01-16 14:39 - 2019-01-16 14:39 - 000003910 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-16 14:38 - 2019-01-19 17:04 - 000166792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-16 14:38 - 2019-01-16 14:40 - 000223056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-16 14:38 - 2019-01-16 14:38 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-01-16 14:38 - 2019-01-16 14:37 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-16 14:38 - 2019-01-16 14:37 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-01-16 14:34 - 2019-01-16 14:34 - 000000000 ____D C:\Program Files\AVAST Software
2019-01-15 18:48 - 2019-01-16 15:38 - 000000000 ____D C:\ProgramData\AVAST Software

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-23 08:28 - 2014-04-29 12:44 - 000000000 __RDO C:\Users\jsmor_000\OneDrive
2019-01-23 08:20 - 2014-04-29 12:48 - 000003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3873563209-1122956-651633644-1007
2019-01-23 08:14 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\Inf
2019-01-23 08:13 - 2014-04-29 12:36 - 000000000 ____D C:\Users\jsmor_000\AppData\Roaming\Adobe
2019-01-23 08:12 - 2014-04-29 12:43 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\Adobe
2019-01-23 08:10 - 2013-03-11 11:55 - 000000000 ____D C:\ProgramData\McAfee
2019-01-23 02:40 - 2014-06-23 20:40 - 000000000 ____D C:\Program Files\pcmax
2019-01-22 17:56 - 2012-07-26 02:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-19 18:29 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-17 19:39 - 2013-08-22 10:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-17 19:37 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2019-01-17 13:58 - 2015-06-20 22:31 - 000003876 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001UA
2019-01-17 13:58 - 2015-06-20 22:31 - 000003496 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001Core
2019-01-17 13:58 - 2015-06-20 22:31 - 000000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001UA.job
2019-01-17 13:58 - 2015-06-20 22:31 - 000000878 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001Core.job
2019-01-17 13:50 - 2014-03-18 05:04 - 000981054 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-17 13:45 - 2014-04-29 12:08 - 027715584 _____ C:\WINDOWS\system32\vmguest.iso
2019-01-17 13:42 - 2013-08-22 09:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-17 13:40 - 2013-01-18 19:34 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-17 13:40 - 2013-01-18 19:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-17 13:36 - 2013-08-22 08:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2019-01-17 13:25 - 2013-08-22 10:36 - 000000000 ___RD C:\WINDOWS\ToastData
2019-01-17 13:24 - 2014-12-27 19:01 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-01-17 13:24 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-01-17 13:24 - 2013-08-22 10:36 - 000000000 ____D C:\Program Files\Windows Defender
2019-01-17 13:24 - 2013-08-22 10:36 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-01-17 13:24 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-01-17 13:03 - 2009-07-13 21:34 - 000000505 _____ C:\WINDOWS\win.ini
2019-01-17 12:10 - 2013-08-14 09:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-17 12:01 - 2013-08-09 10:38 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-16 21:58 - 2014-06-23 20:44 - 000000000 ____D C:\temp
2019-01-16 20:42 - 2013-01-18 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-16 19:47 - 2014-06-17 11:22 - 000000000 ____D C:\Program Files\McAfee
2019-01-16 19:47 - 2014-06-17 11:22 - 000000000 ____D C:\Program Files (x86)\McAfee
2019-01-16 19:27 - 2013-08-22 08:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2019-01-16 19:27 - 2012-07-26 03:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-16 19:25 - 2016-01-15 00:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-01-16 19:22 - 2012-07-26 00:37 - 000000000 ____D C:\Users\Default.migrated
2019-01-16 18:43 - 2014-05-01 13:13 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-01-16 18:27 - 2010-03-21 03:09 - 000000000 ____D C:\ProgramData\Adobe
2019-01-16 18:25 - 2010-03-21 03:09 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-16 17:41 - 2014-04-29 14:45 - 000000000 ____D C:\Users\jsmor_000\Downloads\SDK8.1
2019-01-16 17:36 - 2014-11-25 17:24 - 000000000 ____D C:\Program Files (x86)\Glyph
2019-01-16 17:19 - 2015-01-24 20:20 - 000000000 ____D C:\Program Files (x86)\PIE
2019-01-16 16:47 - 2013-01-18 19:30 - 000003966 _____ C:\WINDOWS\System32\Tasks\RecoveryCDWin7
2019-01-16 16:47 - 2013-01-18 19:30 - 000003774 _____ C:\WINDOWS\System32\Tasks\Registration
2019-01-16 16:18 - 2013-01-19 10:55 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-16 16:14 - 2017-06-25 11:22 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\CrashDumps
2019-01-16 16:14 - 2014-10-24 19:59 - 000000000 ____D C:\WINDOWS\Minidump
2019-01-16 16:14 - 2014-04-29 15:14 - 000000000 ___DC C:\WINDOWS\Panther
2019-01-16 16:13 - 2014-06-17 12:51 - 000000000 __SHD C:\found.001
2019-01-16 16:13 - 2013-03-06 20:57 - 000000000 __SHD C:\found.000
2019-01-16 15:37 - 2013-11-09 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-16 15:36 - 2014-08-29 06:55 - 000098680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-01-16 15:35 - 2018-04-17 10:17 - 000004468 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-16 15:35 - 2014-08-29 06:55 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-16 15:35 - 2013-08-11 20:19 - 000004288 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-01-16 15:34 - 2014-07-18 08:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2019-01-16 15:34 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-16 15:34 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-16 14:37 - 2014-06-26 08:29 - 000003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf914296c2ad2c
2019-01-16 14:37 - 2013-01-19 10:54 - 000003204 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-15 18:44 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\AppCompat

==================== Files in the root of some directories =======

2017-06-25 10:11 - 2017-06-25 10:11 - 007649280 _____ () C:\Program Files (x86)\GUT95C2.tmp
2013-08-02 19:30 - 2013-08-02 19:30 - 004188160 _____ () C:\Program Files (x86)\GUTAD14.tmp

Some files in TEMP:
====================
2015-02-28 02:09 - 2015-02-28 02:09 - 000204800 _____ (Sony DADC Austria AG) C:\Users\Home\AppData\Local\Temp\drm_dyndata_7370014.dll
2015-02-28 02:09 - 2015-02-28 10:39 - 000204800 _____ (Sony DADC Austria AG) C:\Users\Home\AppData\Local\Temp\drm_dyndata_7380014.dll
2015-06-20 22:36 - 2015-06-20 22:36 - 000043008 _____ () C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphabicx.dll
2015-06-20 22:43 - 2015-06-20 22:43 - 000043008 _____ () C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpo5cg13.dll
2014-06-23 21:08 - 2014-04-11 01:59 - 000080296 _____ () C:\Users\Home\AppData\Local\Temp\nspFD3F.tmp.exe
2014-10-02 13:43 - 2014-10-02 13:43 - 000018304 _____ () C:\Users\Home\AppData\Local\Temp\ochelper.dll
2014-10-02 13:43 - 2014-10-02 13:43 - 000021888 _____ () C:\Users\Home\AppData\Local\Temp\ochelper.exe
2014-08-22 12:38 - 2010-06-07 12:13 - 000256752 _____ (SUPERAntiSpyware.com) C:\Users\Home\AppData\Local\Temp\SSUPDATE.EXE
2015-12-02 10:05 - 2015-12-02 10:05 - 000120336 _____ (McAfee, Inc.) C:\Users\jsmor_000\AppData\Local\Temp\McCSPInstall.dll
2019-01-16 19:24 - 2015-12-02 10:05 - 000131344 _____ (McAfee Inc.) C:\Users\jsmor_000\AppData\Local\Temp\mccspuninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-01 10:13

==================== End of FRST.txt ============================
 

Broni

Malware Annihilator
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by jsmor_000 (23-01-2019 08:32:31)
Running from C:\Users\jsmor_000\Desktop
Windows 8.1 Pro (Update) (X64) (2014-04-29 17:26:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3873563209-1122956-651633644-500 - Administrator - Disabled)
Guest (S-1-5-21-3873563209-1122956-651633644-501 - Administrator - Disabled)
Home (S-1-5-21-3873563209-1122956-651633644-1001 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-3873563209-1122956-651633644-1006 - Administrator - Enabled)
jsmor_000 (S-1-5-21-3873563209-1122956-651633644-1007 - Administrator - Enabled) => C:\Users\jsmor_000
snickersoup (S-1-5-21-3873563209-1122956-651633644-1008 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (HKLM-x32\...\{05F508E8-2DC6-4B12-B6A9-51000536216A}) (Version: 2.4 - Microsoft Corporation) Hidden
Application Insights Tools for Visual Studio Express 2013 for Windows (HKLM-x32\...\{02979B31-39AE-4988-B3DD-00F676897F17}) (Version: 2.4 - Microsoft Corporation) Hidden
Application Verifier x64 External Package (HKLM\...\{77F3D72C-465F-BD51-890E-CC3914B1365F}) (Version: 8.100.26629 - Microsoft)
Archeage (HKLM-x32\...\Glyph Archeage) (Version: - Trion Worlds, Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.3.6507 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Azure Resource Manager Tools (VS 2013) - v1.0 (HKLM-x32\...\{109BF2CC-BA35-4952-B9F1-502F07001DBA}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{CEF27F4B-6A27-4365-A69A-EA1A4EDAA96F}) (Version: 2.5.21104.1601 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (HKLM-x32\...\{594DB57D-58D1-4AA3-AE6C-BF99484F52F8}) (Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{28C7344F-E894-4CF5-8D05-EDC7ED71796C}) (Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WT082192) (Version: 2.2.0.82 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT082122) (Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT082124) (Version: 2.2.0.82 - WildTangent) Hidden
Blend for Visual Studio 2012 (HKLM-x32\...\{57F20F04-014D-453F-B6A3-AE9485C4DFAB}) (Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (HKLM-x32\...\{532DBCC8-9468-435C-AEF6-30B7F50735A2}) (Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (HKLM-x32\...\{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (HKLM-x32\...\{9ED1634C-4E71-4992-A1BA-7C4BE6EE39E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (HKLM-x32\...\{834B6E00-F509-40F2-A677-E86261184576}) (Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (HKLM-x32\...\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (HKLM-x32\...\{403759F5-1D77-49F4-812D-AF43196E8C74}) (Version: 3.0.30924.0 - Microsoft Corporation) Hidden
BlueLINE Suite (HKLM-x32\...\{F62CC001-0F60-4725-AF3A-0D558ED637A3}) (Version: 1.0.0 - Microsoft)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (HKLM\...\{CC1F74DF-058F-406C-BC7D-F14D6E5F7CBD}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{B255880F-8C5E-4FAF-8F9C-7DBA635B2615}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{E43BBAEB-4914-44C6-88C0-E7A1DBD20A91}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{D37FDF2F-8766-4BDF-A0E3-A60BDBB630ED}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build-a-lot 2 (HKLM-x32\...\WT082438) (Version: 2.2.0.82 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT083477) (Version: 2.2.0.82 - WildTangent) Hidden
Chuzzle Deluxe (HKLM-x32\...\WT082200) (Version: 2.2.0.82 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
Cloud Deployment Project for Microsoft Visual Studio 2013 - v1.0 (HKLM-x32\...\{0D061E07-8CB8-4EE8-AE6E-B87AE0DEF1C6}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2216 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3419 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1110 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT082396) (Version: 2.2.0.82 - WildTangent) Hidden
Dora's Carnival Adventure (HKLM-x32\...\WT082133) (Version: 2.2.0.82 - WildTangent) Hidden
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{2386192E-D6DB-4AD2-9564-65586A0AE53E}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{372D17F6-A54E-4A01-B264-1314890FFE61}) (Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{AFA4B0BF-3289-495A-B949-BA91F39B1A44}) (Version: 11.1.21009.00 - Microsoft Corporation)
Escape Rosecliff Island (HKLM-x32\...\WT083484) (Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Faerie Solitaire (HKLM-x32\...\WT082442) (Version: 2.2.0.82 - WildTangent) Hidden
FATE (HKLM-x32\...\WT082141) (Version: 2.2.0.82 - WildTangent) Hidden
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing (HKLM-x32\...\HP Smart Web Printing) (Version: 131.1.35898 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{223E2363-6643-49CB-A062-59A9858EE8EE}) (Version: 3.5.17.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}) (Version: 4.3.1.2 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0183 (HKLM-x32\...\{BC146E5F-A2B0-40DB-90E7-2833807E98DF}) (Version: 1.01.0001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Install Finalizer (HKLM-x32\...\{66B42B6A-1A90-4375-89AF-EFF1F709AA2B}) (Version: 2.5.21104.1601 - Microsoft Corporation) Hidden
Install Finalizer (HKLM-x32\...\{9182189E-CA6A-4395-BAAA-39F55EDB7127}) (Version: 2.3.20320.1602 - Microsoft Corporation) Hidden
InstallShield 2013 Limited Edition (HKLM-x32\...\{6781C524-2DA2-4182-908C-8B204E0DD47C}) (Version: 20.00.0000 - Flexera Software LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java(TM) 6 Update 43 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416043FF}) (Version: 6.0.430 - Oracle)
JavaScript Tooling (HKLM\...\{73468C65-BC53-4D88-9246-75A5BB014DA2}) (Version: 11.0.60315 - Microsoft Corporation) Hidden
Jewel Quest 3 (HKLM-x32\...\WT082443) (Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 2 (HKLM-x32\...\WT082468) (Version: 2.2.0.82 - WildTangent) Hidden
join.me (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\JoinMe) (Version: 1.14.0.141 - LogMeIn, Inc.)
Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kit SDK de vérification de Visual Studio 2012 - fra (HKLM-x32\...\{8A3862F9-F587-3DFA-AAFC-C1F0E116F05C}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
Kits Configuration Installer (HKLM-x32\...\{B74E65FD-CC47-41C5-4B89-791A3F61942D}) (Version: 8.100.25984 - Microsoft) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2215 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2215 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}) (Version: 1.18.12.1 - LightScribe)
LocalESPC (HKLM-x32\...\{62910715-63E3-0AB0-0B29-99140DE1C15E}) (Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (HKLM-x32\...\{492498A3-F88C-FE2F-755C-9B1B91724CA5}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us (HKLM-x32\...\{326A5052-061C-F656-31E3-3B73842ABD46}) (Version: 8.59.29989 - Microsoft) Hidden
LocalESPCui for en-us Dev12 (HKLM-x32\...\{B1C38F27-D377-8C98-D98D-29B67C0B978D}) (Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Media Buzz (HKLM-x32\...\MediaBuzzV1mode4583) (Version: 1.1 - Media Buzz) <==== ATTENTION
Memory Profiler (HKLM-x32\...\{54F76D6C-0EC3-43D9-8BCC-73E31AB0BF06}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Memory Profiler (HKLM-x32\...\{A88AEB8B-A6C5-41BC-8F71-F704DD1E0D00}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Advertising SDK for Windows 8.1 - ENU (HKLM-x32\...\{916DF45F-3E75-47C1-8ACE-6D87B1646E4F}) (Version: 8.1.40402.2 - Microsoft Corporation)
Microsoft ASP.NET and Web Tools 2013.1 - Visual Studio 2012 (HKLM-x32\...\{F46B1BE6-80B1-4600-BC8C-067E948C0056}) (Version: 1.5.50306.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Azure Authoring Tools - v2.5 (HKLM\...\{A46322D1-A353-4F9A-8DA1-C58401E33639}) (Version: 2.5.6496.10 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.5 (HKLM\...\Microsoft Azure Compute Emulator - v2.5) (Version: 2.5.6496.10 - Microsoft Corporation)
Microsoft Azure HDInsight Tools for Visual Studio (HKLM-x32\...\{C6943238-E5DA-412D-850E-54181E5B4B65}) (Version: 1.0.0000.0 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.5 (HKLM\...\{22F9A831-CA56-4406-85FE-47FFB0472804}) (Version: 2.5.1024.161 - Microsoft Corporation)
Microsoft Azure Quickstarts (HKLM-x32\...\{06747CB9-4E28-3164-A1C5-F7FD307F08B5}) (Version: 1.5.0 - Microsoft Corporation)
Microsoft Azure Storage Tools - v3.0.0 (HKLM-x32\...\{870D4E4E-1BE7-42E7-9655-E7792290FCB4}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft Azure Tools for Microsoft Visual Studio 2013 - v2.5 (HKLM-x32\...\{4be5d1d6-933d-4058-853b-047ed1258fc4}) (Version: 2.5.21104.1601 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.30324 - Microsoft Corporation)
Microsoft Hive ODBC Driver (HKLM\...\{AC9970E8-7F55-4F50-A6D3-2BC041589904}) (Version: 1.0.5.5 - Microsoft Corporation)
Microsoft Hive ODBC Driver (HKLM-x32\...\{7A580208-9E61-47FD-9AEB-DDDAA67CF0F6}) (Version: 1.0.5.5 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{59DE4D1C-690E-4397-8A44-B684934E863C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM\...\{7FE9A69F-6D91-4E2E-86B5-E2EB27AE6041}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20905.0) (HKLM-x32\...\{23A3E3F8-91B4-4C5A-9E69-6747CF6D426B}) (Version: 11.1.20905.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools 2013 (HKLM-x32\...\{2768bca6-2ff2-4cb2-b6fc-654f7b5d6af0}) (Version: 12.0.41025.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20905.0) (HKLM-x32\...\{D2964C0D-477B-4914-B791-1D80E61E85E6}) (Version: 11.1.20905.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows - ENU (HKLM-x32\...\{78095723-ced1-49b3-b0ac-8598452ef0ec}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (HKLM-x32\...\{bec3d87e-1d6d-4b15-8383-29068c86b888}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Premium 2012 (HKLM-x32\...\{ddf0bb95-e254-447e-8472-3470057d9c7e}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSI Development Tools (HKLM-x32\...\{CF3A1CA6-5E5E-B4BD-6CF1-363056816CA2}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
muvee Reveal (HKLM-x32\...\{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}) (Version: 7.0.43.11502 - muvee Technologies Pte Ltd)
MySQL Connector C++ 1.1.3 (HKLM\...\{5C7A1ED6-DC5F-4017-B363-3E80644B4BD0}) (Version: 1.1.3 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{4C5FFB59-6222-45CA-9257-EFB93D5E1756}) (Version: 5.1.26 - Oracle Corporation)
MySQL Connector Net 6.7.4 (HKLM-x32\...\{D6952EDA-6AC4-4480-A060-BD6025B15BAD}) (Version: 6.7.4 - Oracle)
MySQL Connector/ODBC 5.2 64bit (community edition) (HKLM\...\{D8053A16-A50E-401C-B162-18119EB7CC33}) (Version: 5.2.5 - Oracle Corporation)
MySQL Documents 5.6 (HKLM-x32\...\{4C102489-D4F3-4324-B573-0802120B1D80}) (Version: 5.6.13 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{7FC20482-AE94-4DF1-90C1-09EDEC416970}) (Version: 5.6.13 - Oracle Corporation)
MySQL For Excel 1.1.1 (HKLM-x32\...\{88C06BF4-9A84-42FE-A0B2-CB3A49DDBBF0}) (Version: 1.1.1 - Oracle)
MySQL for Visual Studio 1.0.2 (HKLM-x32\...\{0D406BCC-D62A-46FB-9AB7-A7BF10FB8B31}) (Version: 1.0.2 - Oracle)
MySQL Installer (HKLM-x32\...\{D8BAC677-5CCD-49FA-BF7D-21F65AB0EE0E}) (Version: 1.3.2.0 - Oracle Corporation)
MySQL Notifier 1.1.4 (HKLM-x32\...\{D7C3E617-EB02-47B3-8D0E-BF3E00D873D5}) (Version: 1.1.4 - Oracle)
MySQL Server 5.6 (HKLM\...\{0B9D4C33-AC1B-4973-B754-FE9EAB03D327}) (Version: 5.6.13 - Oracle Corporation)
MySQL Utilities (HKLM-x32\...\{6A494EFD-CFC6-4534-9E14-26D3F7D888DE}) (Version: 1.3.4 - Oracle)
MySQL Workbench 6.0 CE (HKLM-x32\...\{0BBFADE9-0CA5-4AA3-BC90-629CE53952CF}) (Version: 6.0.6 - Oracle Corporation)
Mystery P.I. - The New York Fortune (HKLM-x32\...\WT082456) (Version: 2.2.0.82 - WildTangent) Hidden
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version: - )
Online Plug-in (HKLM-x32\...\{F390D923-76F1-458E-8218-8C0C156CDCFD}) (Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Penguins! (HKLM-x32\...\WT082168) (Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (HKLM-x32\...\WT082170) (Version: 2.2.0.82 - WildTangent) Hidden
Poker Superstars III (HKLM-x32\...\WT082171) (Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT082172) (Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT082173) (Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3415 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3415 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3420 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3420 - CyberLink Corp.)
PowreShellIntegration.Notifications (HKLM-x32\...\{ED8DFB38-C87B-42B3-A33E-B20DF935C055}) (Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{2C76E3DA-BA76-4FAD-B1B1-72B46D639028}) (Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python Tools Redirection Template (HKLM-x32\...\{2881CFB4-71F9-40C7-8228-6395117C0EDA}) (Version: 1.3 - Microsoft Corporation) Hidden
Python Tools Redirection Template (HKLM-x32\...\{C6028E83-4C47-459F-9EDC-7D1412CBCD97}) (Version: 1.1 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6037 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0104 - REALTEK Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2214 - CyberLink Corp.) Hidden
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Player for Home (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Player for jsmor_000 (HKU\S-1-5-21-3873563209-1122956-651633644-1007\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Studio (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
SDK de comprobación de Visual Studio 2012 - esn (HKLM-x32\...\{90EF884E-5253-324C-9C11-63C9DA16BF0C}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
SDK Debuggers (HKLM-x32\...\{9274C832-3D8A-A294-FDE8-8B9272357098}) (Version: 8.100.26629 - Microsoft Corporation) Hidden
Self-service Plug-in (HKLM-x32\...\{47117FCA-0D00-4B6D-9D68-00B763629463}) (Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2013 (HKLM-x32\...\{C9E7751E-88ED-36CF-B610-71A1D262E906}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
TextTwist 2 (HKLM-x32\...\WT083491) (Version: 2.2.0.82 - WildTangent) Hidden
TypeScript Power Tool (HKLM-x32\...\{6098D454-CB7B-44C2-8615-D869FD9655C7}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{0E4A9B1A-12D2-4827-BE61-44DBD72797FB}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
Uninstall Finalizer (HKLM-x32\...\{28F5A97C-F4EE-4945-AA33-8BBE3F93DB89}) (Version: 2.3.20320.1602 - Microsoft Corporation) Hidden
Uninstall Finalizer (HKLM-x32\...\{81596E4C-00BB-40D9-9748-1E5464BA563A}) (Version: 2.5.21104.1601 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Virtual Families (HKLM-x32\...\WT082188) (Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (HKLM-x32\...\WT082241) (Version: 2.2.0.82 - WildTangent) Hidden
Visual Studio 2012 Update 3 (KB2707250) (HKLM-x32\...\{29828f33-4679-462a-8c98-1c3507678922}) (Version: 11.0.60610 - Microsoft Corporation)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VS Update core components (HKLM-x32\...\{9F7DE660-6BFE-3BA2-A93D-4F13BD13E10B}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (HKLM-x32\...\{0BCC836F-0B28-4090-B58A-64883BAA3B2F}) (Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (HKLM-x32\...\{46910786-E4AC-41E4-A4A0-C086EA85242D}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (HKLM-x32\...\{148878BD-A2A5-4CF1-A103-2BA632F41953}) (Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{BF3E2194-F89B-44FB-A801-464BF787599F}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Wheel of Fortune 2 (HKLM-x32\...\WT082189) (Version: 2.2.0.82 - WildTangent) Hidden
Win 7 Programming (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\bgstore-ccf5399f@@XenDesktop 7.5.Win 7 Programming $S11-5) (Version: 1.0 - Delivered by Citrix)
Windows Azure Authoring Tools - v2.3 (HKLM\...\{CA53F7A1-A71D-4C7F-ABD2-7BDD26FE0D74}) (Version: 2.3.6491.3 - Microsoft Corporation)
Windows Azure Libraries for .NET – v2.3 (HKLM\...\{C0591F2A-45AD-4189-86A7-C2B1DF3D148D}) (Version: 2.3.0424.070 - Microsoft Corporation)
Windows Azure Storage Emulator - v3.4 (HKLM-x32\...\Windows Azure Storage Emulator - v3.4) (Version: 3.4.6848.0 - Microsoft Corporation)
Windows Azure Tools for Microsoft Visual Studio 2012 - v2.3 (HKLM-x32\...\{d330fe59-916f-4dcd-8de7-fbf00e4525b1}) (Version: 2.3.20320.1602 - Microsoft Corporation)
Windows Essentials Media Codec Pack 4.7 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.7 - Media Codec)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Windows Phone SDK 8.0 - ENU (HKLM-x32\...\{2348da3b-1257-4a83-a554-b094a08d06d9}) (Version: 11.0.50727.38 - Microsoft Corporation)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{57334b90-51ab-4979-a6e4-ab0f7632479a}) (Version: 8.100.26654 - Microsoft Corporation)
WPT Redistributables (HKLM-x32\...\{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}) (Version: 8.100.26654 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB}) (Version: 8.100.26629 - Microsoft) Hidden
Zuma's Revenge (HKLM-x32\...\WT082463) (Version: 2.2.0.82 - WildTangent) Hidden
Пакет Visual Studio 2012 Verification SDK - rus (HKLM-x32\...\{977CABC5-7B4B-3AE4-8E1B-56C673C1D638}) (Version: 12.0.30501 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03400A49-E088-4E64-B7BD-2B6D42A50D78} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {049EB354-D703-4CCE-83B9-A65A6298B4C1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-16] (AVAST Software)
Task: {09A2123D-EEF1-42CD-AC0D-ABBC6E1FB770} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-14] (Google Inc.)
Task: {0C2CD050-3BC6-4D6D-86D5-F9447A56C245} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0D258403-ED21-467B-B06B-6CEF3F76273D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0D64D0DC-6A62-4ABA-BBDA-21C45BB0ACBD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {21807602-3FB6-4391-A01A-AE1E5A7B9EF9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {2324907B-B9DE-4E42-9A73-739A4164A30C} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-11-10] (Hewlett-Packard)
Task: {2446AADD-29D9-4AF1-98DC-69FCD4809528} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {32103B96-5010-4F96-B7CB-D778C6E6E17C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {387125C0-4D4A-48C9-AC39-233B67C7933C} - System32\Tasks\GoogleUpdateTaskMachineUA1cf914296c2ad2c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-14] (Google Inc.)
Task: {47DB8DF2-C3DA-49A9-BD40-9A1F6596C5D1} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-10-24] (AVAST Software)
Task: {482EB467-FFA7-438A-9840-3D2198A417B7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {48ECE608-FC61-45B2-AF68-C7702B247F0C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4DDE73E5-E045-4E37-8586-C32D06ED35CC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {69800895-3305-4200-A533-B25BE0AC1DCC} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-07] ()
Task: {6B5E45DD-084F-4611-BB92-D887FD2E539D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-16] (AVAST Software)
Task: {6F7967D0-BFDB-46DC-A99B-FE834E56CE29} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001UA => C:\Users\Home\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {6F7FAB01-1F2C-42F1-AA3E-5588B3A341BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2013-08-06] (Microsoft)
Task: {849FDFA2-1B3B-40C3-8772-D43B8587F513} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
 

Broni

Malware Annihilator
Task: {878FC747-7A62-4998-8E81-32E738640A19} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {889614A9-1FF4-4C5A-B93B-AB1B4BC22C78} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8FCE48D8-844A-4D52-9630-4A990548F90C} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-11-10] (Hewlett-Packard)
Task: {9387FFCE-15C1-48E1-96A3-2F1CCC6D5A69} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B2CA360F-71BE-4C2E-B3D4-4D3D9ADD99ED} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {BF420B8D-BBB4-4E54-A8EC-87915E0C890B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C57E4A05-9E89-475F-BB6F-C86A866E9B1C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C587B023-2C4E-439C-9764-D9E1860E33D8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2019-01-17] (Microsoft Corporation)
Task: {C87338B8-83E1-4771-A5B7-607D45AB8482} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {C9040893-190E-41EF-9F61-495B477FC727} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CCDAAB94-991B-439E-BA87-89BCCA92146D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-16] (Adobe Systems Incorporated)
Task: {CE5D081A-E251-486B-A3B4-A5A0A2BAAC9F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8D01363-DEDB-4937-9182-5E624232DF39} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-07] ()
Task: {DAF5EC28-474C-46AC-BE1B-BBD13F6F3BB0} - System32\Tasks\RunAsStdUser Task => C:\Users\Home\AppData\Local\teeveewatchSA\bin\1.0.8.0\TeeveeWatchSA.exe
Task: {DD3E0A8C-8EA2-4C4B-91A6-6D218A707BE0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001Core => C:\Users\Home\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {E722F4C8-1DA1-4829-AB10-156F19F94C91} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-16] (Adobe Systems Incorporated)
Task: {EF3D307F-1442-4B9D-9D05-B26F719CC655} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F026C769-5C8E-41C4-B4A4-CD2B575C2B11} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA6A01D4-6234-4F3F-9E19-2542C256204B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001Core.job => C:\Users\Home\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001UA.job => C:\Users\Home\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-05-29 06:16 - 2014-05-29 06:16 - 000241344 _____ () C:\Program Files\pcmax\pcmax.exe
2010-03-21 03:34 - 2009-07-06 14:20 - 000247152 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2018-11-20 04:46 - 2018-11-20 04:46 - 004310296 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-11-26 22:54 - 2012-11-26 22:54 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2019-01-16 14:46 - 2019-01-16 14:46 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-16 14:37 - 2019-01-16 14:37 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-16 20:24 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-01-16 20:24 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2019-01-16 16:18 - 2018-12-12 00:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2019-01-16 16:18 - 2018-12-12 00:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2019-01-16 15:39 - 2016-09-12 14:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2019-01-23 08:10 - 000000873 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 d3oxij66pru1i3.cloudfront.net

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\;C:\Program Files (x86)\Windows Kits\8.0\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\MySQL\MySQL Utilities 1.3.4\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft\Web Platform Installer\
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
HKU\S-1-5-21-3873563209-1122956-651633644-1007\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "HP Quick Launch"
HKLM\...\StartupApproved\Run: => "RtkOSD"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "WirelessAssistant"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\StartupApproved\StartupFolder: => "Citrix Receiver.lnk"
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F8F9C1389199C5D42EF0F1FE1D081D59"
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\StartupApproved\Run: => "LightScribe Control Panel"
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\StartupApproved\Run: => "MySQL Notifier"
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\StartupApproved\Run: => "Dropbox Update"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe (Microsoft Corporation)
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe (Microsoft Corporation)
FirewallRules: [{B557FC93-9033-45F8-AAF1-A49043607DE4}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{FCB1E6AC-BA2A-465E-A9BF-85FB7EA7A1F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{10621454-1262-4A79-A806-FF9B55281110}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{EDB5AC92-BB87-4B6F-8625-A9D42707AD02}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{35ABED95-3F0C-4E36-8B65-24A7C337A40C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{6C523EF0-4D9A-43BE-AA13-FC4EFD4FFC67}] => (Allow) C:\Makena\There\ThereClient\There.exe No File
FirewallRules: [{580A19F0-9669-4E55-B34D-E3FF12F58F28}] => (Allow) C:\Makena\There\ThereClient\There.exe No File
FirewallRules: [{8AD46CF2-DDC6-45FE-B70E-D97BD4EDB4CB}] => (Allow) LPort=3306
FirewallRules: [{E84BBF26-E300-4BA2-B56E-4A2080A66E8A}] => (Allow) LPort=3306
FirewallRules: [{34133A09-5DBA-4D6F-A579-5C6FA3D7F102}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe (Microsoft Corporation)
FirewallRules: [{7BAA6D37-042E-465C-8E4C-3438D03285A3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe (Microsoft Corporation)
FirewallRules: [{339F1547-070D-4E27-BCB5-94E75E417701}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
FirewallRules: [{61E9379C-90A5-4758-B53B-E0B6587F4A36}] => (Allow) svchost.exe (Microsoft Corporation)
FirewallRules: [{67457505-AB61-4C5C-9BDE-05BA2FF0353D}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation)
FirewallRules: [{36D66869-55F8-41F1-9D5F-94C64DD3BB58}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE (CyberLink Corp.)
FirewallRules: [{FCC9C564-E6E2-4E9F-9B08-15286C253DA8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE (CyberLink Corp.)
FirewallRules: [{F2A52396-B3F3-490C-9686-63A3814B547D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{4B3950B4-31EB-4041-87D8-B77B431845FB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [TCP Query User{BC28C413-CB59-4A93-A1EF-F87527CCDEB3}C:\users\home\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\home\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{C6E46101-B384-4855-B421-7920AE43BB46}C:\users\home\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\home\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [{42C3760A-9616-442F-B5E4-22E7CADC2140}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe (Microsoft Corporation)
FirewallRules: [{94F192EB-8342-424A-BA2B-6BFF519909C0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\X64\VsGraphicsRemoteEngine.exe (Microsoft Corporation)
FirewallRules: [{850376F2-90A8-4AA0-85E5-083129563439}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\VSWinExpress.exe (Microsoft Corporation)
FirewallRules: [{B1E3105C-326B-4503-82F5-5ED2B53E83DD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{9F5E31CA-FF7D-4CB9-8A84-86473F3C5C13}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{472F7F3D-B95D-4051-87E7-8A0EA09AC5A6}] => (Allow) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{5CEC54D3-76DD-4682-B032-6BE630055999}] => (Allow) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{80F2021F-99AE-49B9-AD05-6352835C2024}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{D255C70F-D2DF-415C-9296-0006B83DB8E5}] => (Allow) C:\Users\Home\AppData\Local\Temp\speedmax_20140516.exe No File
FirewallRules: [{E99564C2-7F4A-4601-A87F-9382E5B2BD87}] => (Allow) C:\Users\Home\AppData\Local\Temp\speedmax_25252.exe No File
FirewallRules: [{B51E1AE8-B2B8-4026-91C7-F86C3D6B19C9}] => (Allow) C:\Users\Home\AppData\Local\Temp\updater_156412.exe No File
FirewallRules: [{43F40D4C-9770-464D-A6EE-BA7616612CDA}] => (Allow) c:\program files\pcmax\pcmax.exe ()
FirewallRules: [{6DF10017-2912-4EC1-BA28-6D26B966933F}] => (Allow) c:\program files\pcmax\pcmax.exe ()
FirewallRules: [{5CD79084-4118-404E-856B-A52A12106C0F}] => (Allow) c:\program files\pcmax\service.exe No File
FirewallRules: [{CE5EB10E-0ACE-44CE-A3DC-DE514C2042D1}] => (Allow) c:\program files\pcmax\service.exe No File
FirewallRules: [{DB443B62-AABB-46F8-B072-991953C017D4}] => (Allow) C:\Users\Home\AppData\Local\Temp\file_to_run551066.exe No File
FirewallRules: [{5ABDB72A-576B-4D7E-80C1-044F06F7B5A3}] => (Allow) C:\Users\Home\AppData\Local\Temp\file_to_run551066.exe No File
FirewallRules: [{F6DD39AE-211A-4D22-9EAA-7EF077F001EC}] => (Allow) C:\Users\Home\AppData\Local\Temp\file_to_run551247.exe No File
FirewallRules: [{E52665DA-2C70-4FF5-8D4D-5DDF4AD66BF2}] => (Allow) C:\Users\Home\AppData\Local\Temp\file_to_run551247.exe No File
FirewallRules: [{A557138E-7882-4C0A-B59B-1A080958A5E8}] => (Allow) C:\WINDOWS\TEMP\file_to_run55809.exe No File
FirewallRules: [{3F90B591-83DA-44D7-B8D4-40A5AA38F694}] => (Allow) C:\WINDOWS\TEMP\file_to_run55809.exe No File
FirewallRules: [{7C80DAC0-A59E-442D-A214-7D293FF5B011}] => (Allow) C:\WINDOWS\TEMP\file_to_run55256.exe No File
FirewallRules: [{6806069B-9A11-470B-935A-73CE87653EFE}] => (Allow) C:\WINDOWS\TEMP\file_to_run55256.exe No File
FirewallRules: [{C9273CE1-9414-4F05-99F5-69844F25C50D}] => (Allow) C:\Users\Home\AppData\Local\Temp\file_to_run551526.exe No File
FirewallRules: [{AECB65AF-742E-40C8-B5D7-F84C2457D0E1}] => (Allow) C:\Users\Home\AppData\Local\Temp\file_to_run551526.exe No File
FirewallRules: [{06D88582-13BF-457E-9217-E2371D526880}] => (Allow) C:\WINDOWS\TEMP\file_to_run551750.exe No File
FirewallRules: [{054B3E6E-0467-41F0-ACC4-AF3137B688AA}] => (Allow) C:\WINDOWS\TEMP\file_to_run551750.exe No File
FirewallRules: [{7CCA9A25-5374-4675-B61B-70B6BC42213A}] => (Allow) C:\Users\Home\AppData\Local\Temp\file_to_run551335.exe No File
FirewallRules: [{4194B3AC-58E7-4347-A17B-6692498A4EAD}] => (Allow) C:\Users\Home\AppData\Local\Temp\file_to_run551335.exe No File
FirewallRules: [{C46E34A1-2091-49C2-8FE6-DF56FEF211FC}] => (Allow) C:\WINDOWS\TEMP\file_to_run55739.exe No File
FirewallRules: [{43D485AD-F3A3-45A8-95DC-1AFC4DDA3167}] => (Allow) C:\WINDOWS\TEMP\file_to_run55739.exe No File
FirewallRules: [{A7CC80D2-54C5-4FD3-A585-F1FAA7971775}] => (Allow) C:\WINDOWS\TEMP\file_to_run55247.exe No File
FirewallRules: [{10842AE8-E5AD-4B23-91B6-DE8D3E421CD2}] => (Allow) C:\WINDOWS\TEMP\file_to_run55247.exe No File
FirewallRules: [{6E6238F0-48B6-4D8E-94A2-8FBBDD5B1B28}] => (Allow) C:\Users\Home\AppData\Local\Temp\file_to_run55482.exe No File
FirewallRules: [{62711A6C-460F-4F72-BACA-69B623E554AD}] => (Allow) C:\Users\Home\AppData\Local\Temp\file_to_run55482.exe No File
FirewallRules: [{96F8E9C8-9995-4447-A9E2-1828031E6176}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe No File
FirewallRules: [{90A136CE-CBFC-4582-A348-138378A01F76}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe No File
FirewallRules: [{1E62B276-0ABE-45ED-B31F-7CE8A25EBE95}] => (Allow) C:\Program Files (x86)\Brick-Force\BfLauncher.exe No File
FirewallRules: [{C1256E63-6727-4483-B744-F9142CC64947}] => (Allow) C:\Program Files (x86)\Brick-Force\BrickForce.exe No File
FirewallRules: [{E907D102-8895-468C-9B14-BE5EB1491554}] => (Allow) C:\Program Files (x86)\PIE\Steam\Steam.exe No File
FirewallRules: [{A0AC0663-2B95-437D-98A4-4D8B31E6F0E3}] => (Allow) C:\Program Files (x86)\PIE\Steam\Steam.exe No File
FirewallRules: [{6AA8B481-4E6A-4422-A3B8-9A38C22B16EB}] => (Allow) C:\Program Files (x86)\PIE\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{C8F5A4D3-49AC-4343-B620-F85EAD1BA099}] => (Allow) C:\Program Files (x86)\PIE\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{96CAA243-FA43-44A2-96C4-ACA766768D29}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe (Microsoft Corporation)
FirewallRules: [{72DD0A30-AD1E-41B2-B625-089D61A94346}] => (Allow) C:\Program Files (x86)\PIE\Steam\steamapps\common\Warface\live\nw.exe No File
FirewallRules: [{4A0D9044-FF80-4B26-929B-D28EF80C0B03}] => (Allow) C:\Program Files (x86)\PIE\Steam\steamapps\common\Warface\live\nw.exe No File
FirewallRules: [{BF777A53-A888-49B8-A7CD-F1B2D175610B}] => (Allow) C:\Program Files (x86)\PIE\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe No File
FirewallRules: [{98A71CB7-82B8-493D-9395-1D7374A52C81}] => (Allow) C:\Program Files (x86)\PIE\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe No File
FirewallRules: [{11F07A76-E739-47C5-8E62-C1083808E48D}] => (Allow) C:\Program Files (x86)\PIE\Steam\steamapps\common\GarrysMod\hl2.exe No File
FirewallRules: [{746F4C6C-80BB-4512-8F2D-C2D0B63AE840}] => (Allow) C:\Program Files (x86)\PIE\Steam\steamapps\common\GarrysMod\hl2.exe No File
FirewallRules: [{CF0482CA-49B6-494C-86C4-5AAA2413E442}] => (Allow) C:\WINDOWS\TEMP\file_to_run551030.exe No File
FirewallRules: [{E5A40EB0-C65B-4AB0-8229-642229354E91}] => (Allow) C:\WINDOWS\TEMP\file_to_run551030.exe No File
FirewallRules: [{5731C07A-61E9-4E57-958D-F50BB17799B1}] => (Allow) C:\WINDOWS\TEMP\file_to_run55827.exe No File
FirewallRules: [{2DA375CB-8F65-41B4-958B-DB34F68A275F}] => (Allow) C:\WINDOWS\TEMP\file_to_run55827.exe No File
FirewallRules: [{6ADB38A6-82DF-4B7D-9D02-78555CD6D5E5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{4087D774-D53D-47F0-9061-C14D37409286}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{0CD4D77A-0B67-4AB0-B4FD-F83231EE5199}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software)
FirewallRules: [{AC14E89E-2E1F-4235-94F7-C1353141A902}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software)
FirewallRules: [{CCB537D3-85CF-45B6-9CE5-FC4C43002596}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================

25-06-2017 12:41:31 Windows Update
17-04-2018 11:06:50 Windows Update
16-01-2019 17:20:38 Removed Homeschool Tracker Library.
16-01-2019 17:23:22 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/22/2019 06:13:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: regsvr32.exe, version: 6.3.9600.16384, time stamp: 0x52158bce
Faulting module name: ntdll.dll, version: 6.3.9600.18895, time stamp: 0x5a4b127e
Exception code: 0xc0000018
Fault offset: 0x0009d4e2
Faulting process id: 0x11d0
Faulting application start time: 0x01d4b2a8150cc785
Faulting application path: C:\WINDOWS\SysWOW64\regsvr32.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 54216c04-1e9b-11e9-bf03-c80aa98b123f
Faulting package full name:
Faulting package-relative application ID:

Error: (01/17/2019 01:31:15 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Unable to initialize the filter host process. Terminating.

Details:
This operation returned because the timeout period expired. (HRESULT : 0x800705b4) (0x800705b4)

Error: (01/17/2019 10:05:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\redist\1033\vcredist_arm.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/17/2019 09:26:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\redist\1033\vcredist_arm.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/17/2019 09:13:15 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (01/17/2019 09:04:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\redist\1033\vcredist_arm.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/17/2019 08:35:22 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\redist\1033\vcredist_arm.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/17/2019 08:24:57 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (01/22/2019 04:53:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
The service has not been started.

Error: (01/22/2019 04:53:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
Unspecified error

Error: (01/22/2019 04:53:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
Unspecified error

Error: (01/20/2019 01:13:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
Unspecified error

Error: (01/20/2019 01:13:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
Unspecified error

Error: (01/20/2019 01:13:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
Unspecified error

Error: (01/20/2019 01:13:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
Unspecified error

Error: (01/19/2019 04:54:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
Unspecified error


Windows Defender:
===================================
Date: 2018-04-17 14:59:05.240
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/Peapoon&threatid=213663
Name: Adware:Win32/Peapoon
ID: 213663
Severity: High
Category: Adware
Path: driver:_netfilter64;file:_C:\WINDOWS\system32\drivers\netfilter64.sys
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.265.813.0, AS: 1.265.813.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.14700.5, NIS: 2.1.14600.4

Date: 2017-06-25 20:11:55.865
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/DefaultTab&threatid=207033
Name: BrowserModifier:Win32/DefaultTab
ID: 207033
Severity: High
Category: Browser Modifier
Path: file:_C:\Windows\System32\GroupPolicy\User\Registry.pol
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Signature Version: AV: 1.247.93.0, AS: 1.247.93.0, NIS: 117.2.0.0
Engine Version: AM: 1.1.13903.0, NIS: 2.1.13804.0

Date: 2017-06-25 20:03:30.639
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/DefaultTab&threatid=207033
Name: BrowserModifier:Win32/DefaultTab
ID: 207033
Severity: High
Category: Browser Modifier
Path: file:_C:\Windows\System32\GroupPolicy\User\Registry.pol
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.247.93.0, AS: 1.247.93.0, NIS: 117.2.0.0
Engine Version: AM: 1.1.13903.0, NIS: 2.1.13804.0

Date: 2017-06-25 19:56:51.887
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/DefaultTab&threatid=207033
Name: BrowserModifier:Win32/DefaultTab
ID: 207033
Severity: High
Category: Browser Modifier
Path: file:_C:\Windows\System32\GroupPolicy\User\Registry.pol
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Signature Version: AV: 1.247.93.0, AS: 1.247.93.0, NIS: 117.2.0.0
Engine Version: AM: 1.1.13903.0, NIS: 2.1.13804.0

Date: 2014-06-17 12:28:45.234
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {1631930F-6ED6-4D7F-B7D5-F30300A973A4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-16 15:30:54.643
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version: 1.1.15500.2
Previous Engine Version: 1.1.14700.5
Error Code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2019-01-15 19:26:08.687
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 119.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-01-15 19:26:08.672
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.265.813.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14700.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-01-15 19:26:08.672
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.265.813.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14700.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-01-15 19:26:08.546
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.265.813.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14700.5
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2014-06-17 12:28:45.187
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-06-17 12:06:46.893
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{59BC05B3-363E-4E97-ABD9-35F0C56419DF}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2013-08-13 22:20:27.136
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 64%
Total physical RAM: 3893.86 MB
Available physical RAM: 1391.52 MB
Total Virtual: 7861.86 MB
Available Virtual: 4995.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.83 GB) (Free:168.93 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.96 GB) (Free:2.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

\\?\Volume{0921e332-3849-11e2-9904-806e6f6e6963}\ () (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 6686A4F6)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=283.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End of Addition.txt ============================
 
  • Like
Reactions: RachaelA

Broni

Malware Annihilator
Uninstall following unwanted program:

Media Buzz

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
  • Like
Reactions: RachaelA

RachaelA

TS Rookie
1. I tried to uninstall Media Buzz, I get the following error:
An error occurred when trying to uninstall Media Buzz. It may have already been uninstalled. Would you like to remove media buzz from the programs and features list?
I clicked X should I say yes?

2. I am waiting for your response before I do #2 because I'm not sure if I should move on since I cannot do #1.

3. There is already Malwarebytes installed. Should I uninstall and reinstall?

4. I am waiting for your response before I move on.

THANK YOU SO MUCH.
 

RachaelA

TS Rookie
RogueKiller Anti-Malware V13.1.3.0 (x64) [Jan 24 2019] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 8.1 (6.3.9600) 64 bits
Started in : Normal mode
User : jsmor_000 [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20190121_152739, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2019/01/25 07:54:48 (Duration : 00:52:00)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[VT.Detected (Malicious)] pcmax.exe [Search Safer Inc.] -- %ProgramFiles%\pcmax\pcmax.exe -> Killed [Tree]
[Suspicious.Path (Potentially Malicious)] \RunAsStdUser Task -- "C:\Users\Home\AppData\Local\teeveewatchSA\bin\1.0.8.0\TeeveeWatchSA.exe" -> Deleted
[PUP.Gen1|PUP.Conduit (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Conduit -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\PIP -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\SP Global -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Torch -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\APN PIP -- -> Deleted
[PUP.Gen1|PUP.Conduit (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\Conduit -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\PrivitizeVPNInstallDates -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\StartSearch -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\Torch -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\APN PIP -- -> Deleted
[PUP.Gen1|PUP.Conduit (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\Conduit -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\PrivitizeVPNInstallDates -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\StartSearch -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\Torch -- -> Deleted
[PUP.Gen1|PUP.Conduit (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\AppDataLow\Software\Conduit -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\AppDataLow\Software\xfin_portal -- -> Deleted
[PUP.Gen1|PUP.Conduit (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\AppDataLow\Software\Conduit -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3873563209-1122956-651633644-1001\Software\AppDataLow\Software\xfin_portal -- -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D255C70F-D2DF-415C-9296-0006B83DB8E5} -- [%_Home_localappdata%\Temp\speedmax_20140516.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E99564C2-7F4A-4601-A87F-9382E5B2BD87} -- [%_Home_localappdata%\Temp\speedmax_25252.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B51E1AE8-B2B8-4026-91C7-F86C3D6B19C9} -- [%_Home_localappdata%\Temp\updater_156412.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{DB443B62-AABB-46F8-B072-991953C017D4} -- [%_Home_localappdata%\Temp\file_to_run551066.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5ABDB72A-576B-4D7E-80C1-044F06F7B5A3} -- [%_Home_localappdata%\Temp\file_to_run551066.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F6DD39AE-211A-4D22-9EAA-7EF077F001EC} -- [%_Home_localappdata%\Temp\file_to_run551247.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E52665DA-2C70-4FF5-8D4D-5DDF4AD66BF2} -- [%_Home_localappdata%\Temp\file_to_run551247.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A557138E-7882-4C0A-B59B-1A080958A5E8} -- [%SystemRoot%\TEMP\file_to_run55809.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7C80DAC0-A59E-442D-A214-7D293FF5B011} -- [%SystemRoot%\TEMP\file_to_run55256.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3F90B591-83DA-44D7-B8D4-40A5AA38F694} -- [%SystemRoot%\TEMP\file_to_run55809.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6806069B-9A11-470B-935A-73CE87653EFE} -- [%SystemRoot%\TEMP\file_to_run55256.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AECB65AF-742E-40C8-B5D7-F84C2457D0E1} -- [%_Home_localappdata%\Temp\file_to_run551526.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C9273CE1-9414-4F05-99F5-69844F25C50D} -- [%_Home_localappdata%\Temp\file_to_run551526.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{06D88582-13BF-457E-9217-E2371D526880} -- [%SystemRoot%\TEMP\file_to_run551750.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{054B3E6E-0467-41F0-ACC4-AF3137B688AA} -- [%SystemRoot%\TEMP\file_to_run551750.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7CCA9A25-5374-4675-B61B-70B6BC42213A} -- [%_Home_localappdata%\Temp\file_to_run551335.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{43D485AD-F3A3-45A8-95DC-1AFC4DDA3167} -- [%SystemRoot%\TEMP\file_to_run55739.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C46E34A1-2091-49C2-8FE6-DF56FEF211FC} -- [%SystemRoot%\TEMP\file_to_run55739.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4194B3AC-58E7-4347-A17B-6692498A4EAD} -- [%_Home_localappdata%\Temp\file_to_run551335.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A7CC80D2-54C5-4FD3-A585-F1FAA7971775} -- [%SystemRoot%\TEMP\file_to_run55247.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{10842AE8-E5AD-4B23-91B6-DE8D3E421CD2} -- [%SystemRoot%\TEMP\file_to_run55247.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6E6238F0-48B6-4D8E-94A2-8FBBDD5B1B28} -- [%_Home_localappdata%\Temp\file_to_run55482.exe] -> Deleted
[PUP.Gen1|PUP.SmartApps (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{96F8E9C8-9995-4447-A9E2-1828031E6176} -- [%programfiles(x86)%\Bench\Proxy\proc.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{62711A6C-460F-4F72-BACA-69B623E554AD} -- [%_Home_localappdata%\Temp\file_to_run55482.exe] -> Deleted
[PUP.Gen1|PUP.SmartApps (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{90A136CE-CBFC-4582-A348-138378A01F76} -- [%programfiles(x86)%\Bench\Proxy\pwdg.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E5A40EB0-C65B-4AB0-8229-642229354E91} -- [%SystemRoot%\TEMP\file_to_run551030.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CF0482CA-49B6-494C-86C4-5AAA2413E442} -- [%SystemRoot%\TEMP\file_to_run551030.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2DA375CB-8F65-41B4-958B-DB34F68A275F} -- [%SystemRoot%\TEMP\file_to_run55827.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5731C07A-61E9-4E57-958D-F50BB17799B1} -- [%SystemRoot%\TEMP\file_to_run55827.exe] -> Deleted
[PUP.Gen1 (Potentially Malicious)] APN -- %programdata%\APN -> Deleted
[PUP.Gen1 (Potentially Malicious)] Ask -- %programdata%\Ask -> Deleted
[PUP.Gen1 (Potentially Malicious)] CLSoft LTD -- %programdata%\CLSoft LTD -> Deleted
[PUP.Gen1|PUP.SmartApps (Potentially Malicious)] Bench -- %programfiles(x86)%\Bench -> Deleted
[PUP.Gen1|PUP.Conduit (Potentially Malicious)] Conduit -- %programfiles(x86)%\Conduit -> Deleted
[PUP.Gen1 (Potentially Malicious)] xfin_portal -- %programfiles(x86)%\xfin_portal -> Deleted
[PUP.Gen1|PUP.SmartApps (Potentially Malicious)] Bench -- %programfiles(x86)%\Bench -> Found
[PUP.Gen1|PUP.Conduit (Potentially Malicious)] Conduit -- %programfiles(x86)%\Conduit -> Found
[PUP.Gen1 (Potentially Malicious)] xfin_portal -- %programfiles(x86)%\xfin_portal -> Found
[PUP.Gen1 (Potentially Malicious)] APN -- %_Home_localappdata%\APN -> Deleted
[PUP.Gen1 (Potentially Malicious)] Download Manager -- %_Home_appdata%\Download Manager -> Deleted
 

RachaelA

TS Rookie
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/25/19
Scan Time: 8:02 AM
Log File: 6b4fd392-20a1-11e9-9bd2-00155dab66f8.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.527
Update Package Version: 1.0.8962
License: Trial

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: HOME-PC\jsmor_000

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 408029
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 32 min, 30 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 

RachaelA

TS Rookie
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-25-2019
# Duration: 00:00:10
# OS: Windows 8.1 Pro
# Cleaned: 78
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Home\AppData\LocalLow\HPAppData
Deleted C:\Users\Home\AppData\LocalLow\comcasttb
Deleted C:\Users\Home\AppData\Local\VirtualStore\ProgramData\MagniPic
Deleted C:\Users\Home\Documents\PC Speed Maximizer
Deleted C:\Users\Home\AppData\Local\Temp\apn
Deleted C:\Users\jsmor_000\AppData\Local\Temp\apn

***** [ Files ] *****

Deleted C:\END
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Deleted C:\Windows\System32\drivers\SPPD.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|pcreg
Deleted HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|pcreg
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|pcreg
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ApnTBMon
Deleted HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\AppDataLow\Software\Smartbar
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98FD652EB4839214E97B69DD8EEA1D29
Deleted HKLM\Software\Wow6432Node\Clients\StartMenuInternet\Torch
Deleted HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
Deleted HKLM\Software\Wow6432Node\Classes\AppID\PropertySync.EXE
Deleted HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Deleted HKLM\Software\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Deleted HKLM\Software\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Deleted HKLM\Software\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8C7478AB-3155-463E-936F-55F91F0F10D0}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Deleted HKLM\Software\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Deleted HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Deleted HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Deleted HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{20A3F109-F7C1-47B4-8098-8E654B264B1D}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Deleted HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{08635077-8829-49E2-B338-C968817EB460}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{94F192EB-8342-424A-BA2B-6BFF519909C0}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Chrome Cleanup Tool logs upload retry

***** [ Chromium (and derivatives) ] *****

Deleted Ask Toolbar
Deleted Ask Toolbar
Deleted Managera
Deleted Extutil
Deleted MySearchDial

***** [ Chromium URLs ] *****

Deleted Mysearchdial
Deleted Privitize VPN
Deleted Mysearchdial

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10190 octets] - [25/01/2019 08:57:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

Broni

Malware Annihilator
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
 

Broni

Malware Annihilator
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by jsmor_000 (administrator) on HOME-PC (25-01-2019 16:11:30)
Running from C:\Users\jsmor_000\Desktop
Loaded Profiles: Home & jsmor_000 (Available Profiles: Home & jsmor_000)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
() C:\Program Files\pcmax\pcmax.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6160928 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [HP Quick Launch] => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-12] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-11-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-16] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-02-22] (Hewlett-Packard Company)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySqlNotifier.exe [762368 2013-07-05] (Oracle Corporation)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [Steam] => "C:\Program Files (x86)\PIE\Steam\steam.exe" -silent
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [Dropbox Update] => C:\Users\Home\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\MountPoints2: {d4113098-27de-11e4-beae-c80aa98b123f} - "G:\VZW_Software_upgrade_assistant.exe"
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\WINDOWS\SysWOW64\l3codecp.acm [183808 2013-08-21] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [VIDC.FFDS] => ff_vfw.dll
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\Custom64\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-16] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2017-11-01] (Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-16]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2014-06-06]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\jsmor_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{204A0868-B3D7-4DE8-89AF-F9A9003EEA91}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4A227A8D-58DE-4BC7-921D-CAC25201CFE1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AB6F3422-4053-469D-A1A2-576CF81A42F2}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C96D715B-E051-44D5-9E78-456F2542A360}: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{D0CFED1C-7C39-402C-959F-C4557795326C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-3873563209-1122956-651633644-1007\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3873563209-1122956-651633644-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {2CBA769A-317D-4FC5-A2EF-D226DD33326B} URL =
SearchScopes: HKLM-x32 -> {8DB226C8-BEAA-4008-931E-EC2450067D48} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> {9ABD6215-6543-4B66-91F8-5873CF7708C4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> DefaultScope {A32532F0-AECA-4184-8BF1-6832FB4A6594} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> {A32532F0-AECA-4184-8BF1-6832FB4A6594} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1007 -> {8DB226C8-BEAA-4008-931E-EC2450067D48} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2013-03-05] (Sun Microsystems, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-03-05] (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-06-30] (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll => No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2019-01-16] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Updater For XFIN_PORTAL -> {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} -> C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2019-01-16] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-06-30] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-21] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-16] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_43 -> C:\Windows\system32\npdeployJava1.dll [2013-03-05] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2013-03-05] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-07-21] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2019-01-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2019-01-16] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1001: @nsroblox.roblox.com/launcher -> C:\Users\Home\AppData\Local\Roblox\Versions\version-d2fd1d56447746e9\\NPRobloxProxy.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Home\AppData\Local\Roblox\Versions\version-d2fd1d56447746e9\\NPRobloxProxy64.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1007: @nsroblox.roblox.com/launcher -> C:\Users\jsmor_000\AppData\Local\Roblox\Versions\version-e1544481252d4990\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default [2019-01-25]
CHR Extension: (Docs) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-17]
CHR Extension: (Google Drive) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-17]
CHR Extension: (YouTube) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-17]
CHR Extension: (Google Search) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-17]
CHR Extension: (Google Docs Offline) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-16]
CHR Extension: (Avast Online Security) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-01-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-17]
CHR Extension: (Gmail) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-16] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-16] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9874528 2019-01-17] (AVAST Software)
S3 fussvc; C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
S4 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
S4 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S4 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [88720 2014-05-05] (Microsoft Corporation)
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-16] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-16] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-16] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-16] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-16] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-16] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-16] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-16] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-16] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-19] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-16] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-16] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-16] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-16] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-16] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-16] (AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2019-01-23] (Malwarebytes)
S3 ManyCam; C:\WINDOWS\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-10] (ManyCam LLC)
R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-23] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-25] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-25] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-25] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-25] (Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-01-24] ()
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
U3 idsvc; no ImagePath
S1 MpKslaf8b41fa; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B315FCA1-C16F-465E-A068-27E427C3E3D7}\MpKslaf8b41fa.sys [X]
S1 qxdmsyrs; \??\C:\WINDOWS\system32\drivers\qxdmsyrs.sys [X]
S3 X6va019; \??\C:\WINDOWS\SysWOW64\Drivers\X6va019 [X]
S3 X6va022; \??\C:\WINDOWS\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-25 16:11 - 2019-01-25 16:12 - 000027998 _____ C:\Users\jsmor_000\Desktop\FRST.txt
2019-01-25 09:07 - 2019-01-25 09:07 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-25 09:06 - 2019-01-25 16:12 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-25 09:06 - 2019-01-25 09:06 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-25 09:05 - 2019-01-25 09:05 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-25 08:56 - 2019-01-25 09:01 - 000000000 ____D C:\AdwCleaner
2019-01-25 08:54 - 2019-01-25 08:55 - 007320272 _____ (Malwarebytes) C:\Users\jsmor_000\Desktop\AdwCleaner.exe
2019-01-24 20:16 - 2019-01-24 20:16 - 000028272 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2019-01-24 20:15 - 2019-01-24 20:15 - 000000000 ____D C:\ProgramData\RogueKiller
2019-01-24 20:14 - 2019-01-24 20:14 - 000000870 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2019-01-24 20:14 - 2019-01-24 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-01-24 20:14 - 2019-01-24 20:14 - 000000000 ____D C:\Program Files\RogueKiller
2019-01-24 20:01 - 2019-01-24 20:04 - 029225592 _____ (Adlice Software ) C:\Users\jsmor_000\Desktop\RogueKiller_setup.exe
2019-01-24 17:38 - 2019-01-24 17:38 - 005175704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-23 10:01 - 2019-01-23 10:01 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-23 08:29 - 2019-01-25 16:11 - 000000000 ____D C:\FRST
2019-01-23 08:29 - 2019-01-23 08:29 - 000000000 ____D C:\Users\jsmor_000\Desktop\FRST-OlderVersion
2019-01-23 08:28 - 2019-01-23 08:29 - 002428416 _____ (Farbar) C:\Users\jsmor_000\Desktop\FRST64.exe
2019-01-17 13:47 - 2019-01-02 14:05 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-17 13:47 - 2019-01-02 14:05 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-17 12:44 - 2018-03-26 18:24 - 000029352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-01-17 12:44 - 2018-03-26 18:17 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-01-17 12:43 - 2018-03-26 18:24 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-01-17 12:43 - 2018-03-26 18:17 - 000030888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-01-17 10:49 - 2018-11-28 03:34 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-01-17 10:49 - 2018-11-28 03:17 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-01-17 10:49 - 2018-10-12 14:51 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-17 10:49 - 2018-06-24 10:04 - 000504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-01-17 10:49 - 2017-12-10 08:46 - 007079424 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2019-01-17 10:49 - 2017-12-10 08:24 - 005275136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2019-01-17 10:49 - 2017-12-10 08:06 - 007797760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-01-17 10:49 - 2017-12-10 07:59 - 005270528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-01-17 10:49 - 2017-02-04 12:19 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2019-01-17 10:49 - 2014-10-28 19:45 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2019-01-17 10:48 - 2018-12-27 18:38 - 002902016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-17 10:48 - 2018-12-27 18:25 - 020279808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-17 10:48 - 2018-12-27 18:02 - 002295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-17 10:48 - 2018-12-27 17:48 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-01-17 10:48 - 2018-12-27 17:48 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-01-17 10:48 - 2018-12-27 17:48 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-01-17 10:48 - 2018-12-27 17:45 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-01-17 10:48 - 2018-12-27 17:33 - 004494848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-01-17 10:48 - 2018-12-27 17:29 - 013680640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-17 10:48 - 2018-12-27 17:29 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-01-17 10:48 - 2018-12-27 17:29 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-01-17 10:48 - 2018-12-27 17:29 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-01-17 10:48 - 2018-12-27 17:22 - 001555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-17 10:48 - 2018-12-27 17:07 - 001329664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-17 10:48 - 2018-12-08 15:22 - 002014152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-17 10:48 - 2018-12-08 00:56 - 001901896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-17 10:48 - 2018-11-28 03:08 - 015441408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-01-17 10:48 - 2018-11-28 03:04 - 013322240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-01-17 10:48 - 2018-11-10 14:42 - 001368584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-01-17 10:48 - 2018-11-10 11:25 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2019-01-17 10:48 - 2018-09-23 11:20 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-01-17 10:48 - 2018-09-23 10:51 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-01-17 10:48 - 2018-05-22 23:13 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2019-01-17 10:48 - 2018-04-07 10:15 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-01-17 10:48 - 2018-03-09 13:57 - 000276816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-01-17 10:48 - 2018-01-02 00:58 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-01-17 10:48 - 2017-11-08 10:55 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2019-01-17 10:48 - 2017-08-06 16:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-01-17 10:48 - 2017-08-06 02:13 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-01-17 10:48 - 2017-05-12 11:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-01-17 10:48 - 2017-05-11 21:48 - 001377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-01-17 10:48 - 2017-04-06 11:35 - 001362432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-01-17 10:48 - 2016-11-10 21:33 - 001541240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-01-17 10:48 - 2016-11-09 12:25 - 001376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-01-17 10:48 - 2014-10-28 22:51 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-01-17 10:47 - 2018-12-27 19:01 - 025738240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-17 10:47 - 2018-12-27 18:31 - 005778944 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-01-17 10:47 - 2018-12-27 17:48 - 015284224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-17 10:47 - 2018-12-27 17:41 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-17 10:47 - 2018-12-27 17:33 - 004860416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-17 10:47 - 2018-12-27 17:24 - 000780800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-17 10:47 - 2018-12-27 17:11 - 004386816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-17 10:47 - 2018-12-08 15:22 - 007371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-17 10:47 - 2018-12-08 03:13 - 002534664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-17 10:47 - 2018-11-28 04:39 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-01-17 10:47 - 2018-11-03 10:25 - 002348032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-01-17 10:47 - 2018-11-03 10:11 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-01-17 10:47 - 2018-10-06 13:14 - 001547192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-01-17 10:47 - 2018-10-06 13:14 - 000388536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-01-17 10:47 - 2018-09-23 11:24 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-01-17 10:47 - 2018-09-23 11:23 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-01-17 10:47 - 2018-09-23 11:00 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-01-17 10:47 - 2018-09-23 10:53 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2019-01-17 10:47 - 2018-09-11 10:30 - 003718144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-01-17 10:47 - 2018-09-08 13:22 - 001737696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-01-17 10:47 - 2018-08-28 00:39 - 001491032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2019-01-17 10:47 - 2018-08-27 22:46 - 001764408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2019-01-17 10:47 - 2018-06-30 13:00 - 001113952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-01-17 10:47 - 2018-06-14 23:34 - 000923512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-01-17 10:47 - 2018-06-08 13:47 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
 

Broni

Malware Annihilator
2019-01-17 10:47 - 2018-06-08 12:54 - 000656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-01-17 10:47 - 2018-06-08 12:53 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-01-17 10:47 - 2018-06-08 11:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-01-17 10:47 - 2018-04-07 10:34 - 002255360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-01-17 10:47 - 2018-03-10 11:21 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2019-01-17 10:47 - 2018-03-10 11:18 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2019-01-17 10:47 - 2018-03-09 16:20 - 000418640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-01-17 10:47 - 2018-01-10 09:48 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-01-17 10:47 - 2018-01-02 01:35 - 000989528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-01-17 10:47 - 2018-01-02 00:38 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2019-01-17 10:47 - 2017-07-07 22:16 - 000086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-01-17 10:47 - 2017-05-11 21:58 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-01-17 10:47 - 2017-01-11 12:28 - 000422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-01-17 10:47 - 2014-10-28 20:20 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2019-01-17 10:46 - 2018-12-08 01:25 - 002173040 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-17 10:46 - 2018-12-08 00:32 - 001563376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-17 10:46 - 2018-12-08 00:06 - 006286336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2019-01-17 10:46 - 2018-12-07 22:49 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-17 10:46 - 2018-10-15 22:39 - 001662504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-01-17 10:46 - 2018-10-15 22:02 - 001214920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-01-17 10:46 - 2018-10-12 15:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-01-17 10:46 - 2018-10-05 12:06 - 001200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-01-17 10:46 - 2018-10-05 11:20 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-01-17 10:46 - 2018-09-23 11:47 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-01-17 10:46 - 2018-09-23 11:45 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-01-17 10:46 - 2018-09-23 11:37 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-01-17 10:46 - 2018-09-23 11:23 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-01-17 10:46 - 2018-09-23 11:17 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-01-17 10:46 - 2018-09-23 10:58 - 000904192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-01-17 10:46 - 2018-09-23 10:56 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-01-17 10:46 - 2018-09-23 10:50 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-01-17 10:46 - 2018-09-12 13:30 - 000137008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-01-17 10:46 - 2018-09-05 10:33 - 013840896 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmms.exe
2019-01-17 10:46 - 2018-09-01 11:43 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-01-17 10:46 - 2018-08-29 23:21 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2019-01-17 10:46 - 2018-08-29 08:51 - 002451800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-01-17 10:46 - 2018-08-21 08:39 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-01-17 10:46 - 2018-07-29 08:44 - 001265664 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-01-17 10:46 - 2018-07-24 08:45 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-01-17 10:46 - 2018-06-24 10:11 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-01-17 10:46 - 2018-06-14 20:26 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-01-17 10:46 - 2018-06-14 20:22 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2019-01-17 10:46 - 2018-06-14 20:19 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-01-17 10:46 - 2018-06-11 11:36 - 003119616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-01-17 10:46 - 2018-06-09 11:26 - 002712064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-01-17 10:46 - 2018-06-08 13:26 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2019-01-17 10:46 - 2018-06-08 12:07 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2019-01-17 10:46 - 2018-05-24 16:29 - 000428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-01-17 10:46 - 2018-04-25 12:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-01-17 10:46 - 2018-04-22 03:06 - 000612600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-01-17 10:46 - 2018-04-07 11:43 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2019-01-17 10:46 - 2018-04-07 11:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2019-01-17 10:46 - 2018-04-06 16:27 - 000376656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-01-17 10:46 - 2018-03-28 20:06 - 002608640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-01-17 10:46 - 2018-03-28 20:05 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2019-01-17 10:46 - 2018-03-28 19:26 - 002170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-01-17 10:46 - 2018-03-10 11:46 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-01-17 10:46 - 2018-03-10 11:35 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-01-17 10:46 - 2018-03-10 11:22 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2019-01-17 10:46 - 2018-03-10 11:21 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2019-01-17 10:46 - 2018-03-10 11:20 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2019-01-17 10:46 - 2018-03-10 11:18 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-01-17 10:46 - 2018-03-10 11:18 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2019-01-17 10:46 - 2018-03-10 11:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2019-01-17 10:46 - 2018-03-10 11:17 - 002240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2019-01-17 10:46 - 2018-03-10 11:17 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-01-17 10:46 - 2018-02-08 12:40 - 001096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-01-17 10:46 - 2018-01-02 01:37 - 000685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2019-01-17 10:46 - 2018-01-02 00:48 - 000507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2019-01-17 10:46 - 2018-01-02 00:38 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-01-17 10:46 - 2018-01-02 00:37 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2019-01-17 10:46 - 2017-10-05 02:17 - 000380248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-01-17 10:46 - 2017-09-13 20:18 - 001384216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-01-17 10:46 - 2017-09-13 20:14 - 001124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-01-17 10:46 - 2017-09-07 16:32 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2019-01-17 10:46 - 2017-08-17 17:07 - 000537200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-01-17 10:46 - 2017-08-17 17:03 - 000450392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-01-17 10:46 - 2017-06-15 09:14 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2019-01-17 10:46 - 2017-06-15 09:14 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2019-01-17 10:46 - 2017-06-09 08:47 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2019-01-17 10:46 - 2017-05-09 09:37 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2019-01-17 10:46 - 2017-05-09 09:35 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2019-01-17 10:46 - 2017-03-31 18:16 - 001968408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2019-01-17 10:46 - 2017-03-31 16:59 - 001612504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2019-01-17 10:46 - 2017-02-04 12:53 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2019-01-17 10:46 - 2017-01-06 12:25 - 002513408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2019-01-17 10:46 - 2017-01-06 12:04 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2019-01-17 10:46 - 2016-11-12 16:06 - 000738104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2019-01-17 10:46 - 2016-11-12 14:38 - 000613632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2019-01-17 10:46 - 2016-05-12 13:38 - 000135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2019-01-17 10:46 - 2016-05-12 12:43 - 000115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2019-01-17 10:46 - 2014-10-28 19:57 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2019-01-17 10:45 - 2018-12-27 17:47 - 001441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-17 10:45 - 2018-10-15 22:39 - 001063368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-17 10:45 - 2018-10-15 22:18 - 001137472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-01-17 10:45 - 2018-08-13 20:22 - 022374608 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-01-17 10:45 - 2018-08-13 20:19 - 019790752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-01-17 10:45 - 2018-07-24 12:50 - 006522344 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-01-17 10:45 - 2018-06-14 20:55 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-01-17 10:45 - 2018-06-14 20:43 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-01-17 10:45 - 2018-04-22 04:02 - 000803696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-01-17 10:45 - 2017-09-07 14:54 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-01-17 10:45 - 2017-08-17 17:07 - 000140016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-01-17 10:45 - 2017-08-17 17:03 - 000136832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-01-17 10:45 - 2017-04-16 04:07 - 000548032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-17 10:44 - 2018-08-14 14:04 - 004171264 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2019-01-17 10:44 - 2018-08-09 08:16 - 004876800 _____ (Gracenote, Inc.) C:\WINDOWS\system32\gnsdk_fp.dll
2019-01-17 10:44 - 2018-06-19 08:38 - 003611136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-01-17 10:44 - 2018-06-19 08:38 - 003321344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-01-17 10:44 - 2018-06-16 10:03 - 002779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2019-01-17 10:44 - 2018-06-16 09:59 - 002464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000918296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000065880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000021848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000018776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000015704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000015192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000013656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000013152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000063832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000020824 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000019288 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000017752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000017752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000016216 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000014168 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000013656 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-01-17 10:44 - 2018-04-26 08:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-01-17 10:44 - 2018-03-24 09:56 - 007033344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-01-17 10:44 - 2018-01-12 13:31 - 004690944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-01-17 10:44 - 2018-01-02 00:38 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-01-17 10:44 - 2018-01-01 23:17 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-01-17 10:44 - 2018-01-01 22:55 - 003548160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-01-17 10:44 - 2017-09-13 08:31 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2019-01-17 10:44 - 2017-09-09 10:47 - 014466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-01-17 10:44 - 2017-09-09 10:21 - 012879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-01-17 10:44 - 2017-06-13 12:11 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-01-17 10:44 - 2017-06-13 03:03 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-01-17 10:44 - 2017-06-13 02:54 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-01-17 10:44 - 2014-10-28 21:49 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2019-01-17 10:44 - 2014-10-28 21:04 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2019-01-17 10:43 - 2018-12-27 21:12 - 000178128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-17 10:43 - 2018-12-08 01:34 - 001409480 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2019-01-17 10:43 - 2018-12-08 01:34 - 001383880 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-17 10:43 - 2018-12-08 01:34 - 001354184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-17 10:43 - 2018-12-08 01:34 - 001284040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2019-01-17 10:43 - 2018-12-07 09:24 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-17 10:43 - 2018-09-08 13:22 - 001676152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-17 10:43 - 2018-09-08 13:22 - 001536216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-17 10:43 - 2018-09-08 13:22 - 001500528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-17 10:43 - 2018-09-08 13:22 - 001371448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-17 10:43 - 2018-08-27 20:36 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-01-17 10:43 - 2018-08-12 15:25 - 000149632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-01-17 10:43 - 2018-07-26 08:21 - 001602048 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-01-17 10:43 - 2018-07-26 08:21 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-01-17 10:43 - 2018-05-15 03:42 - 000590680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-01-17 10:43 - 2018-05-12 16:11 - 000532664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-01-17 10:43 - 2018-05-12 16:06 - 000567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-17 10:43 - 2018-03-24 09:54 - 006214144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-01-17 10:43 - 2018-02-10 12:09 - 003757056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2019-01-17 10:43 - 2018-01-11 12:42 - 002923520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2019-01-17 10:43 - 2018-01-02 02:56 - 000397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-01-17 10:43 - 2018-01-02 01:03 - 000341384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-01-17 10:43 - 2017-07-21 08:40 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2019-01-17 10:43 - 2017-07-21 08:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2019-01-17 10:43 - 2017-07-01 08:47 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2019-01-17 10:43 - 2017-07-01 08:47 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-01-17 10:43 - 2016-11-19 16:24 - 000152856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-01-17 10:43 - 2016-08-11 12:17 - 001574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2019-01-17 10:42 - 2018-12-27 17:11 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-01-17 10:42 - 2018-12-27 17:06 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-01-17 10:42 - 2018-11-10 13:54 - 001308456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-01-17 10:42 - 2018-11-10 11:34 - 001754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-01-17 10:42 - 2018-11-10 11:15 - 001491968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-01-17 10:42 - 2018-10-06 10:41 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-01-17 10:42 - 2018-10-06 10:34 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-01-17 10:42 - 2018-09-23 11:00 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-01-17 10:42 - 2018-08-12 09:21 - 001633008 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-01-17 10:42 - 2018-07-24 12:50 - 001488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-01-17 10:42 - 2018-05-15 00:47 - 002334624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-17 10:42 - 2018-05-05 14:05 - 001543800 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2019-01-17 10:42 - 2018-02-10 11:46 - 002412544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2019-01-17 10:42 - 2018-01-12 12:35 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-01-17 10:42 - 2018-01-11 13:19 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2019-01-17 10:42 - 2018-01-11 12:55 - 002003456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2019-01-17 10:42 - 2018-01-01 23:13 - 002252800 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2019-01-17 10:42 - 2017-08-06 16:20 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-01-17 10:42 - 2017-03-03 10:11 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2019-01-17 10:42 - 2017-03-03 10:06 - 001501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2019-01-17 10:42 - 2017-01-14 15:32 - 000955016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-01-17 10:42 - 2016-08-11 20:58 - 002315496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-01-17 10:42 - 2016-08-11 20:58 - 001946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-01-17 10:42 - 2016-07-30 12:12 - 002896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-01-17 10:42 - 2016-07-30 11:36 - 002537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-01-17 10:42 - 2014-10-28 19:46 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2019-01-17 10:41 - 2018-12-27 17:56 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2019-01-17 10:41 - 2018-12-27 17:34 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2019-01-17 10:41 - 2018-07-05 18:17 - 001115648 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-01-17 10:41 - 2018-05-14 23:57 - 002324752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-01-17 10:41 - 2018-05-05 13:15 - 001178136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2019-01-17 10:41 - 2018-03-03 11:24 - 001725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2019-01-17 10:41 - 2018-02-08 12:42 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2019-01-17 10:41 - 2018-01-11 13:28 - 001562624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2019-01-17 10:41 - 2018-01-11 12:13 - 001695744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-01-17 10:41 - 2018-01-09 00:19 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2019-01-17 10:41 - 2018-01-08 23:59 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2019-01-17 10:41 - 2017-10-10 11:39 - 001192960 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-01-17 10:41 - 2017-09-08 12:14 - 003084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2019-01-17 10:41 - 2017-09-08 11:50 - 002471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2019-01-17 10:41 - 2017-01-14 14:18 - 000787688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-01-17 10:41 - 2016-08-03 10:42 - 001317888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-01-17 10:41 - 2016-08-03 10:36 - 001102848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-01-17 10:40 - 2018-12-27 18:36 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-01-17 10:40 - 2018-12-27 18:25 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-17 10:40 - 2018-12-27 18:05 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-01-17 10:40 - 2018-12-27 17:55 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-17 10:40 - 2018-11-10 11:22 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-01-17 10:40 - 2018-08-27 20:36 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-01-17 10:40 - 2018-08-21 08:35 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-01-17 10:40 - 2018-04-07 10:20 - 001707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2019-01-17 10:40 - 2018-03-03 11:18 - 000894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2019-01-17 10:40 - 2018-01-01 23:16 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-01-17 10:40 - 2018-01-01 23:11 - 002268160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdp4vs.dll
2019-01-17 10:40 - 2018-01-01 23:09 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-01-17 10:40 - 2017-10-10 09:58 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-01-17 10:40 - 2017-07-16 18:55 - 003551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2019-01-17 10:40 - 2017-07-01 08:47 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-01-17 10:40 - 2017-07-01 08:47 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-01-17 10:40 - 2017-07-01 08:47 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2019-01-17 10:40 - 2017-07-01 08:47 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-01-17 10:40 - 2017-06-11 16:15 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2019-01-17 10:40 - 2017-06-11 15:40 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2019-01-17 10:40 - 2017-06-06 15:42 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2019-01-17 10:40 - 2017-05-27 11:38 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2019-01-17 10:40 - 2017-01-10 15:46 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-01-17 10:40 - 2017-01-10 14:09 - 001108480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-01-17 10:39 - 2018-12-27 21:12 - 000444368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-17 10:39 - 2018-12-27 17:11 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-17 10:39 - 2018-08-09 11:59 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-01-17 10:39 - 2018-07-06 12:14 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-01-17 10:39 - 2018-07-06 11:22 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-01-17 10:39 - 2018-06-14 21:12 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2019-01-17 10:39 - 2018-05-05 11:38 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-01-17 10:39 - 2018-04-07 10:10 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2019-01-17 10:39 - 2018-03-24 10:40 - 001171456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2019-01-17 10:39 - 2018-03-24 10:22 - 001086976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2019-01-17 10:39 - 2018-03-03 11:04 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2019-01-17 10:39 - 2018-02-10 14:25 - 000533856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-01-17 10:39 - 2018-02-08 13:21 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2019-01-17 10:39 - 2018-02-08 12:03 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2019-01-17 10:39 - 2018-01-01 23:29 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-01-17 10:39 - 2018-01-01 22:56 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-01-17 10:39 - 2017-07-12 15:29 - 000420440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-01-17 10:39 - 2017-06-13 12:07 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2019-01-17 10:39 - 2017-06-11 17:21 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2019-01-17 10:39 - 2017-06-06 14:03 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2019-01-17 10:39 - 2017-06-02 07:06 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-01-17 10:38 - 2018-12-27 19:24 - 000333768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-17 10:38 - 2018-12-27 17:05 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-17 10:38 - 2018-09-07 12:39 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2019-01-17 10:38 - 2018-09-07 11:51 - 002849280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2019-01-17 10:38 - 2018-06-27 13:10 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2019-01-17 10:38 - 2018-05-14 21:51 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-01-17 10:38 - 2018-05-05 11:23 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-01-17 10:38 - 2018-02-08 12:27 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2019-01-17 10:38 - 2018-01-01 23:34 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-01-17 10:38 - 2018-01-01 23:25 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-01-17 10:38 - 2018-01-01 23:17 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2019-01-17 10:38 - 2018-01-01 23:07 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-01-17 10:38 - 2017-09-06 16:17 - 000461144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2019-01-17 10:38 - 2017-07-17 14:53 - 004298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2019-01-17 10:38 - 2017-07-12 15:25 - 000308872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-01-17 10:38 - 2017-06-11 16:25 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2019-01-17 10:38 - 2017-05-31 16:20 - 000470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-01-17 10:38 - 2017-02-04 12:32 - 000584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2019-01-17 10:38 - 2017-02-04 12:05 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2019-01-17 10:38 - 2017-02-01 14:44 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-01-17 10:38 - 2017-01-12 11:51 - 000274776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2019-01-17 10:38 - 2016-10-08 17:07 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2019-01-17 10:38 - 2016-10-04 23:15 - 000324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-01-17 10:38 - 2016-09-01 09:33 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2019-01-17 10:38 - 2016-08-25 15:50 - 000747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2019-01-17 10:38 - 2016-08-25 14:40 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2019-01-17 10:38 - 2014-10-28 20:52 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-01-17 10:37 - 2018-11-10 13:53 - 000356088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-01-17 10:37 - 2018-10-11 21:10 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2019-01-17 10:37 - 2018-09-23 11:45 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2019-01-17 10:37 - 2018-08-23 17:54 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-01-17 10:37 - 2018-06-26 10:25 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2019-01-17 10:37 - 2018-06-26 10:14 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2019-01-17 10:37 - 2018-05-14 22:05 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-01-17 10:37 - 2018-05-14 21:57 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-01-17 10:37 - 2018-05-03 18:02 - 000439640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2019-01-17 10:37 - 2018-04-10 12:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\synthstor.dll
2019-01-17 10:37 - 2018-03-28 19:24 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2019-01-17 10:37 - 2018-03-24 10:34 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2019-01-17 10:37 - 2018-03-03 12:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2019-01-17 10:37 - 2018-03-03 11:18 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2019-01-17 10:37 - 2018-03-03 11:04 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2019-01-17 10:37 - 2018-02-10 14:29 - 000274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-01-17 10:37 - 2018-01-02 03:00 - 000242520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2019-01-17 10:37 - 2018-01-02 03:00 - 000214392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-01-17 10:37 - 2018-01-02 01:39 - 000354648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-01-17 10:37 - 2018-01-01 23:18 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-01-17 10:37 - 2018-01-01 23:16 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-01-17 10:37 - 2018-01-01 23:06 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-01-17 10:37 - 2017-12-14 18:26 - 000374096 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-01-17 10:37 - 2017-12-14 16:39 - 000315736 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2019-01-17 10:37 - 2017-12-05 11:10 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-01-17 10:37 - 2017-12-05 11:02 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll
2019-01-17 10:37 - 2017-09-13 08:27 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2019-01-17 10:37 - 2017-08-13 10:52 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2019-01-17 10:37 - 2017-08-11 16:19 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrptadm.dll
2019-01-17 10:37 - 2017-08-11 16:14 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrptadm.dll
2019-01-17 10:37 - 2017-08-10 22:27 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-01-17 10:37 - 2017-06-24 11:46 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2019-01-17 10:37 - 2017-06-24 11:16 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2019-01-17 10:37 - 2017-06-13 03:07 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2019-01-17 10:37 - 2017-06-11 16:43 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2019-01-17 10:37 - 2017-06-11 16:07 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2019-01-17 10:37 - 2017-06-11 15:58 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2019-01-17 10:37 - 2017-06-11 15:13 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2019-01-17 10:37 - 2017-06-06 15:35 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-01-17 10:37 - 2017-06-06 14:11 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2019-01-17 10:37 - 2017-06-06 13:56 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-01-17 10:37 - 2017-06-06 13:02 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2019-01-17 10:37 - 2017-05-09 09:28 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2019-01-17 10:37 - 2017-03-09 15:52 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2019-01-17 10:37 - 2017-03-09 14:17 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2019-01-17 10:37 - 2017-02-11 11:49 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2019-01-17 10:37 - 2017-01-21 14:27 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2019-01-17 10:37 - 2017-01-21 13:40 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2019-01-17 10:37 - 2016-10-11 15:21 - 000497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-01-17 10:37 - 2016-10-11 15:21 - 000399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-01-17 10:37 - 2016-10-10 13:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2019-01-17 10:37 - 2016-10-09 17:59 - 000551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-01-17 10:37 - 2016-10-08 16:21 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2019-01-17 10:37 - 2016-10-04 23:15 - 000245320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-01-17 10:37 - 2016-09-02 09:05 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2019-01-17 10:37 - 2016-08-03 10:36 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2019-01-17 10:37 - 2016-08-03 10:33 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2019-01-17 10:37 - 2014-10-28 21:11 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2019-01-17 10:36 - 2018-12-27 18:17 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2019-01-17 10:36 - 2018-12-27 17:50 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2019-01-17 10:36 - 2018-12-27 17:49 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2019-01-17 10:36 - 2018-12-27 17:31 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2019-01-17 10:36 - 2018-10-24 19:46 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2019-01-17 10:36 - 2018-10-24 19:45 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2019-01-17 10:36 - 2018-10-12 15:25 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2019-01-17 10:36 - 2018-10-12 15:16 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2019-01-17 10:36 - 2018-10-12 15:16 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2019-01-17 10:36 - 2018-10-11 20:58 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2019-01-17 10:36 - 2018-10-05 10:18 - 000513376 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-01-17 10:36 - 2018-10-05 10:18 - 000513376 _____ C:\WINDOWS\system32\locale.nls
2019-01-17 10:36 - 2018-08-12 12:07 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-01-17 10:36 - 2018-08-12 11:32 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-01-17 10:36 - 2018-08-09 11:41 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-01-17 10:36 - 2018-07-24 12:50 - 000261408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-01-17 10:36 - 2018-05-14 23:04 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-01-17 10:36 - 2018-04-15 11:55 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2019-01-17 10:36 - 2018-04-15 11:16 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2019-01-17 10:36 - 2018-04-10 13:27 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2019-01-17 10:36 - 2018-04-10 12:43 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\synthfcvdev.dll
2019-01-17 10:36 - 2018-04-10 12:01 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2019-01-17 10:36 - 2018-03-24 10:57 - 001101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2019-01-17 10:36 - 2018-03-10 15:55 - 000137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2019-01-17 10:36 - 2018-03-10 14:04 - 000120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2019-01-17 10:36 - 2018-03-07 18:46 - 000202576 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2019-01-17 10:36 - 2018-03-07 18:42 - 000174928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2019-01-17 10:36 - 2018-03-03 12:04 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2019-01-17 10:36 - 2018-02-08 13:18 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2019-01-17 10:36 - 2018-02-08 13:18 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2019-01-17 10:36 - 2018-01-12 13:18 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2019-01-17 10:36 - 2018-01-12 12:26 - 000393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2019-01-17 10:36 - 2018-01-11 13:39 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2019-01-17 10:36 - 2018-01-11 13:34 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2019-01-17 10:36 - 2018-01-11 13:10 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2019-01-17 10:36 - 2018-01-11 13:04 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2019-01-17 10:36 - 2018-01-02 01:05 - 000164296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-01-17 10:36 - 2018-01-02 00:40 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-01-17 10:36 - 2018-01-02 00:34 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-01-17 10:36 - 2018-01-01 23:34 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2019-01-17 10:36 - 2018-01-01 23:33 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-01-17 10:36 - 2018-01-01 23:32 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-01-17 10:36 - 2018-01-01 23:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-01-17 10:36 - 2018-01-01 23:13 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-01-17 10:36 - 2018-01-01 23:12 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2019-01-17 10:36 - 2018-01-01 23:11 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2019-01-17 10:36 - 2018-01-01 22:59 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-01-17 10:36 - 2018-01-01 22:57 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2019-01-17 10:36 - 2017-12-05 11:45 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2019-01-17 10:36 - 2017-12-05 10:58 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll
2019-01-17 10:36 - 2017-12-05 10:24 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2019-01-17 10:36 - 2017-09-09 12:38 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2019-01-17 10:36 - 2017-09-09 08:13 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2019-01-17 10:36 - 2017-09-09 08:13 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2019-01-17 10:36 - 2017-09-06 18:07 - 000158552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2019-01-17 10:36 - 2017-08-10 20:41 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2019-01-17 10:36 - 2017-08-01 22:17 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2019-01-17 10:36 - 2017-07-08 13:43 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2019-01-17 10:36 - 2017-07-07 22:46 - 000377688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys
2019-01-17 10:36 - 2017-07-01 08:47 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2019-01-17 10:36 - 2017-07-01 08:47 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2019-01-17 10:36 - 2017-06-06 15:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2019-01-17 10:36 - 2017-06-06 14:13 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2019-01-17 10:36 - 2017-06-06 14:11 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2019-01-17 10:36 - 2017-06-06 14:11 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2019-01-17 10:36 - 2017-06-06 13:57 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2019-01-17 10:36 - 2017-06-06 13:03 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2019-01-17 10:36 - 2017-06-06 13:02 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2019-01-17 10:36 - 2017-06-06 13:02 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2019-01-17 10:36 - 2017-05-02 13:31 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2019-01-17 10:36 - 2017-04-06 12:16 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2019-01-17 10:36 - 2017-03-13 11:38 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmitomi.dll
2019-01-17 10:36 - 2017-03-13 11:13 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmitomi.dll
2019-01-17 10:36 - 2017-02-11 11:42 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2019-01-17 10:36 - 2016-12-24 19:48 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2019-01-17 10:36 - 2016-11-19 12:22 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-01-17 10:36 - 2016-10-09 09:17 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
 

Broni

Malware Annihilator
2019-01-17 10:36 - 2016-09-02 09:05 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2019-01-17 10:36 - 2014-10-28 19:59 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2019-01-17 10:35 - 2018-10-24 19:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2019-01-17 10:35 - 2018-10-11 20:58 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2019-01-17 10:35 - 2018-10-06 11:13 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-01-17 10:35 - 2018-08-09 12:40 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-01-17 10:35 - 2018-07-18 08:34 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2019-01-17 10:35 - 2018-04-07 10:41 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2019-01-17 10:35 - 2018-04-07 10:23 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2019-01-17 10:35 - 2018-04-07 10:06 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2019-01-17 10:35 - 2018-02-10 12:01 - 000617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2019-01-17 10:35 - 2018-02-08 12:42 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2019-01-17 10:35 - 2018-02-08 12:24 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2019-01-17 10:35 - 2018-02-08 12:03 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2019-01-17 10:35 - 2018-01-02 00:19 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2019-01-17 10:35 - 2018-01-01 23:45 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2019-01-17 10:35 - 2018-01-01 23:22 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2019-01-17 10:35 - 2018-01-01 23:08 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-01-17 10:35 - 2018-01-01 23:05 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2019-01-17 10:35 - 2017-12-13 00:39 - 000093008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeyboardFilterSvc.dll
2019-01-17 10:35 - 2017-09-06 09:14 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2019-01-17 10:35 - 2017-08-19 12:27 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2019-01-17 10:35 - 2017-08-19 11:48 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2019-01-17 10:35 - 2017-08-11 15:13 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-01-17 10:35 - 2017-08-10 20:49 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2019-01-17 10:35 - 2017-04-30 11:48 - 000080078 _____ C:\WINDOWS\system32\normidna.nls
2019-01-17 10:35 - 2017-03-04 14:06 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2019-01-17 10:35 - 2017-03-04 13:15 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2019-01-17 10:35 - 2017-01-14 12:49 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-01-17 10:35 - 2017-01-12 11:51 - 000117592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2019-01-17 10:35 - 2016-12-24 18:39 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2019-01-17 10:35 - 2016-10-11 12:47 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2019-01-17 10:35 - 2016-10-11 11:55 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2019-01-17 10:35 - 2016-09-17 13:16 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2019-01-17 10:35 - 2016-09-17 12:21 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2019-01-17 10:35 - 2016-02-02 12:51 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2019-01-17 10:35 - 2016-02-02 12:19 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2019-01-17 10:34 - 2018-10-24 19:51 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2019-01-17 10:34 - 2018-10-06 11:43 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-01-17 10:34 - 2018-08-13 16:17 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbusr.sys
2019-01-17 10:34 - 2018-06-20 11:58 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-01-17 10:34 - 2018-05-03 18:02 - 000187728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2019-01-17 10:34 - 2018-03-28 20:33 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2019-01-17 10:34 - 2018-02-08 13:03 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-01-17 10:34 - 2018-02-08 12:49 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2019-01-17 10:34 - 2018-01-11 13:10 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll
2019-01-17 10:34 - 2018-01-02 00:38 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-01-17 10:34 - 2018-01-02 00:38 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2019-01-17 10:34 - 2018-01-01 23:09 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-01-17 10:34 - 2017-11-07 15:46 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2019-01-17 10:34 - 2017-10-10 11:36 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-01-17 10:34 - 2017-10-10 11:29 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2019-01-17 10:34 - 2017-07-12 15:25 - 000066112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2019-01-17 10:34 - 2017-07-07 22:14 - 000100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2019-01-17 10:34 - 2017-06-06 14:11 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2019-01-17 10:34 - 2017-06-06 13:02 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2019-01-17 10:34 - 2017-03-03 10:10 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2019-01-17 10:34 - 2017-03-03 10:04 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2019-01-17 10:34 - 2017-02-04 12:17 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2019-01-17 10:34 - 2016-10-09 09:08 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2019-01-17 10:34 - 2016-10-09 09:08 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2019-01-17 10:34 - 2016-09-09 09:03 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2019-01-17 10:34 - 2016-09-09 09:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2019-01-17 10:34 - 2016-09-08 09:00 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-01-17 10:34 - 2016-09-03 13:06 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2019-01-17 10:34 - 2016-08-11 13:33 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys
2019-01-17 10:34 - 2016-07-23 13:12 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2019-01-17 10:34 - 2016-03-03 11:45 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsif.dll
2019-01-17 10:34 - 2014-11-07 22:24 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2019-01-17 10:34 - 2014-11-04 01:27 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-01-17 10:34 - 2014-10-28 20:54 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2019-01-17 10:34 - 2014-10-28 20:52 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2019-01-17 10:34 - 2014-10-28 20:20 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2019-01-17 10:34 - 2014-10-28 20:14 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2019-01-17 10:34 - 2014-10-28 19:55 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2019-01-17 10:34 - 2014-10-08 01:54 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsntfy.dll
2019-01-17 10:33 - 2018-12-08 14:00 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-17 10:33 - 2018-09-28 08:38 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2019-01-17 10:33 - 2018-08-13 08:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-01-17 10:33 - 2018-08-09 11:41 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2019-01-17 10:33 - 2018-06-20 11:58 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-01-17 10:33 - 2018-04-07 10:01 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2019-01-17 10:33 - 2018-04-05 12:47 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc63.sys
2019-01-17 10:33 - 2018-03-10 12:47 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-01-17 10:33 - 2018-03-07 13:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll
2019-01-17 10:33 - 2018-03-03 11:15 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2019-01-17 10:33 - 2018-02-08 13:53 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2019-01-17 10:33 - 2018-01-11 13:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll
2019-01-17 10:33 - 2018-01-02 02:56 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-01-17 10:33 - 2018-01-02 00:39 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-01-17 10:33 - 2017-12-05 11:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2019-01-17 10:33 - 2017-11-07 16:15 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2019-01-17 10:33 - 2017-10-10 10:42 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2019-01-17 10:33 - 2017-07-12 15:29 - 000075440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2019-01-17 10:33 - 2017-06-06 15:38 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2019-01-17 10:33 - 2017-06-06 13:59 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2019-01-17 10:33 - 2017-05-15 17:09 - 000057688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-01-17 10:33 - 2017-05-10 13:19 - 000101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2019-01-17 10:33 - 2017-03-04 14:24 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-01-17 10:33 - 2017-02-10 09:37 - 000046600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2019-01-17 10:33 - 2017-02-04 12:50 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2019-01-17 10:33 - 2016-09-12 17:03 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-01-17 10:33 - 2016-09-12 16:01 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-01-17 10:33 - 2016-08-30 09:11 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2019-01-17 10:33 - 2016-08-29 21:45 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2019-01-17 10:33 - 2016-08-12 19:05 - 009323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2019-01-17 10:33 - 2016-08-12 17:19 - 009323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2019-01-17 10:33 - 2016-06-25 13:13 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2019-01-17 10:33 - 2014-11-07 21:48 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2019-01-17 10:33 - 2014-10-28 21:42 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmiv2.dll
2019-01-17 10:33 - 2014-10-28 21:34 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistAD.dll
2019-01-17 10:33 - 2014-10-28 21:30 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditPolicyGPInterop.dll
2019-01-17 10:33 - 2014-10-28 21:00 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-01-17 10:33 - 2014-10-28 20:58 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmiv2.dll
2019-01-17 10:33 - 2014-10-28 20:54 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2019-01-17 10:33 - 2014-10-28 20:52 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdhui.dll
2019-01-17 10:33 - 2014-10-28 20:48 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditPolicyGPInterop.dll
2019-01-17 10:33 - 2014-10-28 20:46 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCardDlg.dll
2019-01-17 10:33 - 2014-10-28 20:26 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2019-01-17 10:32 - 2018-12-08 06:23 - 000121272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-17 10:32 - 2018-09-28 08:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2019-01-17 10:32 - 2018-06-20 13:48 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-01-17 10:32 - 2018-06-19 08:31 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2019-01-17 10:32 - 2018-05-15 00:47 - 000244304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-01-17 10:32 - 2018-05-03 18:02 - 000325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-01-17 10:32 - 2018-04-05 12:38 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetVscCoinstall.dll
2019-01-17 10:32 - 2018-03-08 14:53 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys
2019-01-17 10:32 - 2018-03-07 14:28 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsnmp32.dll
2019-01-17 10:32 - 2018-02-21 16:09 - 000022816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbldfltr.sys
2019-01-17 10:32 - 2018-01-02 00:39 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2019-01-17 10:32 - 2018-01-02 00:39 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2019-01-17 10:32 - 2018-01-01 23:57 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2019-01-17 10:32 - 2018-01-01 23:33 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-01-17 10:32 - 2018-01-01 23:33 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-01-17 10:32 - 2017-12-10 08:58 - 000035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2019-01-17 10:32 - 2017-08-13 12:19 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2019-01-17 10:32 - 2017-07-08 13:30 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2019-01-17 10:32 - 2017-06-13 12:16 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2019-01-17 10:32 - 2017-06-13 03:10 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2019-01-17 10:32 - 2017-05-09 09:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2019-01-17 10:32 - 2017-05-09 09:28 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2019-01-17 10:32 - 2017-05-02 13:41 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-01-17 10:32 - 2017-05-02 12:35 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2019-01-17 10:32 - 2016-09-03 12:21 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll
2019-01-17 10:32 - 2016-08-12 16:17 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2019-01-17 10:32 - 2016-02-02 12:01 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2019-01-17 10:32 - 2016-02-02 11:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2019-01-17 10:32 - 2014-11-07 22:56 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2019-01-17 10:32 - 2014-11-07 22:13 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2019-01-17 10:32 - 2014-10-28 22:51 - 000033032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
2019-01-17 10:32 - 2014-10-28 22:51 - 000024800 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2019-01-17 10:32 - 2014-10-28 22:05 - 000026304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
2019-01-17 10:32 - 2014-10-28 22:05 - 000020120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2019-01-17 10:32 - 2014-10-28 21:33 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshcon.dll
2019-01-17 10:32 - 2014-10-28 21:24 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2019-01-17 10:32 - 2014-10-28 21:12 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfmon.exe
2019-01-17 10:32 - 2014-10-28 20:53 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\traffic.dll
2019-01-17 10:32 - 2014-10-28 20:51 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshcon.dll
2019-01-17 10:32 - 2014-10-28 20:48 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsicli.exe
2019-01-17 10:32 - 2014-10-28 20:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2019-01-17 10:32 - 2014-10-28 20:35 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfmon.exe
2019-01-17 10:32 - 2014-10-28 20:21 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2019-01-17 10:32 - 2014-10-28 20:21 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2019-01-17 10:32 - 2014-10-28 20:00 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2019-01-17 10:31 - 2018-10-11 21:16 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dispex.dll
2019-01-17 10:31 - 2018-08-13 08:29 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-01-17 10:31 - 2018-06-20 11:58 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-01-17 10:31 - 2018-06-19 08:29 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2019-01-17 10:31 - 2018-05-23 00:45 - 000027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-01-17 10:31 - 2018-04-26 08:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-01-17 10:31 - 2018-04-26 08:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-01-17 10:31 - 2018-02-10 14:29 - 000124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NV_AGP.SYS
2019-01-17 10:31 - 2018-02-10 14:29 - 000065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ULIAGPKX.SYS
2019-01-17 10:31 - 2018-02-10 14:29 - 000062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AGP440.sys
2019-01-17 10:31 - 2018-02-10 14:29 - 000021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2019-01-17 10:31 - 2018-02-10 14:29 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-01-17 10:31 - 2018-02-10 11:30 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2019-01-17 10:31 - 2018-01-01 23:11 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2019-01-17 10:31 - 2017-12-14 05:17 - 000044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2019-01-17 10:31 - 2017-09-07 16:31 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2019-01-17 10:31 - 2017-09-07 14:20 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2019-01-17 10:31 - 2017-08-10 20:57 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2019-01-17 10:31 - 2017-07-22 13:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2019-01-17 10:31 - 2017-07-22 12:32 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2019-01-17 10:31 - 2017-07-14 13:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-01-17 10:31 - 2017-06-06 15:36 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\convert.exe
2019-01-17 10:31 - 2017-01-12 10:13 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pvhdparser.sys
2019-01-17 10:31 - 2017-01-12 10:03 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
2019-01-17 10:31 - 2016-10-10 13:18 - 000069976 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2019-01-17 10:31 - 2016-09-03 13:20 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll
2019-01-17 10:31 - 2016-08-12 17:35 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-01-17 10:31 - 2016-07-23 13:18 - 001220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2019-01-17 10:31 - 2014-11-07 22:56 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2019-01-17 10:31 - 2014-11-07 22:13 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2019-01-17 10:31 - 2014-11-07 22:13 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2019-01-17 10:31 - 2014-10-28 23:09 - 000033600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-01-17 10:31 - 2014-10-28 21:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\traffic.dll
2019-01-17 10:31 - 2014-10-28 21:29 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsicli.exe
2019-01-17 10:31 - 2014-10-28 21:18 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditNativeSnapIn.dll
2019-01-17 10:31 - 2014-10-28 21:18 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2019-01-17 10:31 - 2014-10-28 21:17 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcsPlugInService.dll
2019-01-17 10:31 - 2014-10-28 21:16 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2019-01-17 10:31 - 2014-10-28 21:11 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistHttpTrans.dll
2019-01-17 10:31 - 2014-10-28 20:58 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\convert.exe
2019-01-17 10:31 - 2014-10-28 20:39 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditNativeSnapIn.dll
2019-01-17 10:31 - 2014-10-28 20:39 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2019-01-17 10:31 - 2014-10-28 20:38 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcsPlugInService.dll
2019-01-17 10:31 - 2014-10-28 20:37 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2019-01-17 10:31 - 2014-10-28 20:29 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2019-01-17 10:31 - 2014-10-28 20:28 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshqos.dll
2019-01-17 10:31 - 2014-10-28 20:26 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetEvtFwdr.exe
2019-01-17 10:31 - 2014-10-28 20:25 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2019-01-17 10:31 - 2014-10-28 20:05 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshqos.dll
2019-01-17 10:31 - 2014-10-28 20:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2019-01-17 10:30 - 2018-05-14 23:17 - 000032640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-01-17 10:30 - 2018-03-28 20:21 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2019-01-17 10:30 - 2018-03-08 13:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2019-01-17 10:30 - 2018-02-10 11:44 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2019-01-17 10:30 - 2018-02-01 13:51 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2019-01-17 10:30 - 2018-01-09 01:06 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2019-01-17 10:30 - 2018-01-02 00:39 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-01-17 10:30 - 2017-07-14 15:08 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-01-17 10:30 - 2017-07-08 14:03 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2019-01-17 10:30 - 2017-07-08 12:29 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2019-01-17 10:30 - 2017-05-09 09:29 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2019-01-17 10:30 - 2017-04-09 15:40 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-01-17 10:30 - 2017-04-09 14:00 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspiper.dll
2019-01-17 10:30 - 2017-04-06 10:44 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-01-17 10:30 - 2016-10-04 15:08 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-01-17 10:30 - 2016-08-12 19:01 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2019-01-17 10:30 - 2016-08-11 13:33 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2019-01-17 10:30 - 2014-11-07 22:56 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2019-01-17 10:30 - 2014-10-28 21:44 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\idndl.dll
2019-01-17 10:30 - 2014-10-28 21:43 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsied.dll
2019-01-17 10:30 - 2014-10-28 21:42 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2019-01-17 10:30 - 2014-10-28 21:40 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\sccls.dll
2019-01-17 10:30 - 2014-10-28 21:35 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdhui.dll
2019-01-17 10:30 - 2014-10-28 21:00 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\idndl.dll
2019-01-17 10:30 - 2014-10-28 20:58 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2019-01-17 10:30 - 2014-10-28 20:58 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsied.dll
2019-01-17 10:30 - 2014-10-28 20:56 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dispex.dll
2019-01-17 10:30 - 2014-10-28 20:26 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapPeerProxy.dll
2019-01-17 10:30 - 2014-10-28 20:26 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapAuthProxy.dll
2019-01-17 10:30 - 2014-10-28 20:19 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2019-01-17 10:30 - 2014-10-28 20:05 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2019-01-17 10:30 - 2014-10-28 19:59 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2019-01-17 10:29 - 2018-06-27 12:48 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2019-01-17 10:29 - 2018-01-09 00:32 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2019-01-17 10:29 - 2018-01-02 00:31 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2019-01-17 10:29 - 2018-01-02 00:28 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-01-17 10:29 - 2017-08-10 21:16 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2019-01-17 10:29 - 2016-08-12 19:03 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys
2019-01-17 10:29 - 2014-10-28 21:43 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2019-01-17 10:29 - 2014-10-28 21:42 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshnetbs.dll
2019-01-17 10:29 - 2014-10-28 21:33 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetppui.dll
2019-01-17 10:29 - 2014-10-28 21:25 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\resmon.exe
2019-01-17 10:29 - 2014-10-28 20:45 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resmon.exe
2019-01-17 10:29 - 2014-10-28 20:28 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2019-01-17 10:29 - 2014-10-28 20:05 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2019-01-17 10:28 - 2018-08-25 23:07 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2019-01-17 10:28 - 2018-08-25 23:07 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2019-01-17 10:28 - 2018-06-20 13:48 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fxppm.sys
2019-01-17 10:28 - 2018-03-08 13:15 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2019-01-17 10:28 - 2017-12-05 11:56 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2019-01-17 10:28 - 2016-08-12 19:02 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2019-01-17 10:28 - 2016-08-11 13:33 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys
2019-01-17 10:28 - 2014-11-07 23:00 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-01-17 10:28 - 2014-10-28 21:45 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\normaliz.dll
2019-01-17 10:28 - 2014-10-28 21:00 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\normaliz.dll
2019-01-17 10:27 - 2018-03-10 12:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-01-17 10:27 - 2018-03-10 12:43 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2019-01-17 10:27 - 2017-01-21 14:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\auditpolmsg.dll
2019-01-17 10:27 - 2017-01-21 14:27 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2019-01-17 10:27 - 2017-01-21 13:40 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\auditpolmsg.dll
2019-01-17 10:27 - 2017-01-21 13:40 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2019-01-17 10:27 - 2016-07-26 08:40 - 000162850 _____ C:\WINDOWS\SysWOW64\C_932.NLS
2019-01-17 10:27 - 2016-07-26 08:40 - 000162850 _____ C:\WINDOWS\system32\C_932.NLS
2019-01-17 09:33 - 2016-08-22 11:06 - 000179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2019-01-17 09:33 - 2016-08-22 11:06 - 000100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2019-01-17 09:33 - 2016-08-20 17:55 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2019-01-17 09:33 - 2016-05-12 11:17 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2019-01-17 09:33 - 2016-05-12 11:12 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2019-01-17 09:33 - 2016-05-12 11:08 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2019-01-17 09:33 - 2016-05-12 10:59 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2019-01-17 09:33 - 2016-05-12 10:43 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2019-01-17 09:33 - 2016-05-12 10:40 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2019-01-17 09:33 - 2016-05-12 10:37 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2019-01-17 09:33 - 2016-04-09 16:58 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-01-17 09:33 - 2016-04-09 16:50 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-01-17 09:33 - 2016-02-06 13:08 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2019-01-17 09:33 - 2016-02-05 14:07 - 000292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2019-01-17 09:33 - 2016-02-05 14:07 - 000243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2019-01-17 09:33 - 2016-01-10 12:50 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2019-01-17 09:33 - 2016-01-10 12:16 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-01-17 09:33 - 2016-01-10 12:14 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2019-01-17 09:33 - 2016-01-10 12:12 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2019-01-17 09:33 - 2016-01-10 11:51 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-01-17 09:33 - 2016-01-10 11:49 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2019-01-17 09:33 - 2014-10-28 22:51 - 000047024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2019-01-17 09:33 - 2014-10-28 21:48 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2019-01-17 09:33 - 2014-10-28 21:45 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2019-01-17 09:33 - 2014-10-28 21:45 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2019-01-17 09:33 - 2014-10-28 21:33 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LAPRXY.DLL
2019-01-17 09:33 - 2014-10-28 21:08 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2019-01-17 09:33 - 2014-10-28 20:51 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LAPRXY.DLL
2019-01-17 09:33 - 2014-10-28 20:32 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2019-01-17 09:33 - 2014-10-28 20:27 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.exe
2019-01-17 09:33 - 2014-10-28 20:25 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipsec.dll
2019-01-17 09:33 - 2014-10-28 20:04 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.exe
2019-01-17 09:33 - 2014-10-28 20:02 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipsec.dll
2019-01-17 09:32 - 2016-08-12 19:04 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2019-01-17 09:32 - 2016-06-21 13:32 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-01-17 09:32 - 2016-06-21 09:12 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-01-17 09:32 - 2016-01-31 14:16 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2019-01-17 09:32 - 2015-12-28 16:42 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2019-01-17 09:32 - 2015-12-28 15:31 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2019-01-17 09:32 - 2014-10-28 20:24 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-01-17 09:30 - 2018-10-12 14:47 - 001049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2019-01-17 09:30 - 2018-10-11 21:01 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2019-01-17 09:30 - 2018-10-11 20:12 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2019-01-17 09:30 - 2018-07-18 23:33 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2019-01-17 09:30 - 2018-07-18 23:22 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2019-01-17 09:30 - 2018-07-18 23:21 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-01-17 09:30 - 2018-07-18 23:03 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2019-01-17 09:30 - 2018-07-18 22:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2019-01-17 09:30 - 2018-07-18 22:54 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-01-17 09:30 - 2018-02-16 10:51 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2019-01-17 09:30 - 2018-02-16 10:51 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2019-01-17 09:30 - 2018-02-16 10:28 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2019-01-17 09:30 - 2018-02-16 10:24 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2019-01-17 09:30 - 2018-02-16 10:24 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2019-01-17 09:30 - 2018-02-16 09:37 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2019-01-17 09:30 - 2018-02-16 09:37 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2019-01-17 09:30 - 2018-02-10 12:03 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2019-01-17 09:30 - 2018-01-02 00:28 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2019-01-17 09:30 - 2018-01-02 00:17 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2019-01-17 09:30 - 2018-01-02 00:06 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2019-01-17 09:30 - 2018-01-01 23:56 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2019-01-17 09:30 - 2018-01-01 23:51 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2019-01-17 09:30 - 2018-01-01 23:44 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2019-01-17 09:30 - 2018-01-01 23:34 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2019-01-17 09:30 - 2018-01-01 23:27 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2019-01-17 09:30 - 2017-04-16 03:10 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2019-01-17 09:30 - 2017-04-16 02:29 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2019-01-17 09:11 - 2016-05-14 15:01 - 000363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-01-17 09:11 - 2016-05-14 15:01 - 000320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-01-17 09:11 - 2016-05-13 16:58 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2019-01-17 09:11 - 2016-05-13 16:35 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2019-01-17 09:10 - 2016-04-11 01:21 - 000074584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2019-01-17 09:10 - 2016-03-03 11:13 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2019-01-17 09:09 - 2016-02-04 12:24 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
 

Broni

Malware Annihilator
2019-01-17 09:09 - 2016-02-04 12:02 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2019-01-17 09:04 - 2016-08-11 11:26 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2019-01-17 09:04 - 2016-08-11 11:17 - 000627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-01-17 09:04 - 2016-08-11 11:16 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-01-17 09:04 - 2014-10-28 21:17 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2019-01-16 20:30 - 2019-01-16 20:30 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\mbam
2019-01-16 20:29 - 2019-01-16 20:29 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\mbamtray
2019-01-16 20:24 - 2019-01-23 10:00 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-16 20:24 - 2019-01-16 20:24 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-16 20:24 - 2019-01-16 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-16 18:50 - 2018-06-08 08:15 - 002860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-01-16 17:34 - 2019-01-16 17:35 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\Glyph
2019-01-16 15:39 - 2019-01-16 15:39 - 000003936 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
2019-01-16 15:39 - 2019-01-16 15:39 - 000001227 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2019-01-16 15:38 - 2019-01-16 15:38 - 000000000 ____D C:\Users\jsmor_000\AppData\Roaming\Sun
2019-01-16 15:38 - 2019-01-16 15:38 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2019-01-16 14:48 - 2019-01-16 15:40 - 000000000 ____D C:\Users\jsmor_000\AppData\Roaming\AVAST Software
2019-01-16 14:47 - 2019-01-16 14:47 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\AVAST Software
2019-01-16 14:46 - 2019-01-16 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-01-16 14:46 - 2019-01-16 14:46 - 000002087 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-16 14:41 - 2019-01-16 14:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-01-16 14:39 - 2019-01-25 09:15 - 000004168 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-16 14:38 - 2019-01-19 17:04 - 000166792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-16 14:38 - 2019-01-16 14:40 - 000223056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-16 14:38 - 2019-01-16 14:38 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-01-16 14:38 - 2019-01-16 14:37 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-16 14:38 - 2019-01-16 14:37 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-16 14:38 - 2019-01-16 14:37 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-01-16 14:34 - 2019-01-16 14:34 - 000000000 ____D C:\Program Files\AVAST Software
2019-01-15 18:48 - 2019-01-16 15:38 - 000000000 ____D C:\ProgramData\AVAST Software

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-25 09:22 - 2014-04-29 12:48 - 000003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3873563209-1122956-651633644-1007
2019-01-25 09:07 - 2014-04-29 12:44 - 000000000 __RDO C:\Users\jsmor_000\OneDrive
2019-01-25 09:07 - 2014-04-29 12:08 - 027715584 _____ C:\WINDOWS\system32\vmguest.iso
2019-01-25 09:04 - 2013-08-22 09:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-25 08:47 - 2014-06-23 20:40 - 000000000 ____D C:\Program Files\pcmax
2019-01-24 20:06 - 2013-08-22 08:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2019-01-24 17:48 - 2014-03-18 05:04 - 000981054 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-24 17:48 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\Inf
2019-01-24 17:39 - 2015-06-20 22:31 - 000000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001UA.job
2019-01-24 17:39 - 2015-06-20 22:31 - 000000878 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001Core.job
2019-01-24 16:33 - 2012-07-26 02:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-23 22:37 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-23 08:13 - 2014-04-29 12:36 - 000000000 ____D C:\Users\jsmor_000\AppData\Roaming\Adobe
2019-01-23 08:12 - 2014-04-29 12:43 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\Adobe
2019-01-23 08:10 - 2013-03-11 11:55 - 000000000 ____D C:\ProgramData\McAfee
2019-01-17 19:39 - 2013-08-22 10:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-17 19:37 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2019-01-17 13:58 - 2015-06-20 22:31 - 000003876 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001UA
2019-01-17 13:58 - 2015-06-20 22:31 - 000003496 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3873563209-1122956-651633644-1001Core
2019-01-17 13:40 - 2013-01-18 19:34 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-17 13:40 - 2013-01-18 19:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-17 13:25 - 2013-08-22 10:36 - 000000000 ___RD C:\WINDOWS\ToastData
2019-01-17 13:24 - 2014-12-27 19:01 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-01-17 13:24 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-01-17 13:24 - 2013-08-22 10:36 - 000000000 ____D C:\Program Files\Windows Defender
2019-01-17 13:24 - 2013-08-22 10:36 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-01-17 13:24 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-01-17 13:03 - 2009-07-13 21:34 - 000000505 _____ C:\WINDOWS\win.ini
2019-01-17 12:10 - 2013-08-14 09:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-17 12:01 - 2013-08-09 10:38 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-16 21:58 - 2014-06-23 20:44 - 000000000 ____D C:\temp
2019-01-16 20:42 - 2013-01-18 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-16 19:47 - 2014-06-17 11:22 - 000000000 ____D C:\Program Files (x86)\McAfee
2019-01-16 19:27 - 2013-08-22 08:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2019-01-16 19:27 - 2012-07-26 03:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-16 19:25 - 2016-01-15 00:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-01-16 19:22 - 2012-07-26 00:37 - 000000000 ____D C:\Users\Default.migrated
2019-01-16 18:43 - 2014-05-01 13:13 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-01-16 18:27 - 2010-03-21 03:09 - 000000000 ____D C:\ProgramData\Adobe
2019-01-16 18:25 - 2010-03-21 03:09 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-16 17:36 - 2014-11-25 17:24 - 000000000 ____D C:\Program Files (x86)\Glyph
2019-01-16 17:19 - 2015-01-24 20:20 - 000000000 ____D C:\Program Files (x86)\PIE
2019-01-16 16:47 - 2013-01-18 19:30 - 000003966 _____ C:\WINDOWS\System32\Tasks\RecoveryCDWin7
2019-01-16 16:47 - 2013-01-18 19:30 - 000003774 _____ C:\WINDOWS\System32\Tasks\Registration
2019-01-16 16:18 - 2013-01-19 10:55 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-16 16:14 - 2017-06-25 11:22 - 000000000 ____D C:\Users\jsmor_000\AppData\Local\CrashDumps
2019-01-16 16:14 - 2014-10-24 19:59 - 000000000 ____D C:\WINDOWS\Minidump
2019-01-16 16:14 - 2014-04-29 15:14 - 000000000 ___DC C:\WINDOWS\Panther
2019-01-16 16:13 - 2014-06-17 12:51 - 000000000 __SHD C:\found.001
2019-01-16 16:13 - 2013-03-06 20:57 - 000000000 __SHD C:\found.000
2019-01-16 15:37 - 2013-11-09 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-16 15:36 - 2014-08-29 06:55 - 000098680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-01-16 15:35 - 2018-04-17 10:17 - 000004468 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-16 15:35 - 2014-08-29 06:55 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-16 15:35 - 2013-08-11 20:19 - 000004288 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-01-16 15:34 - 2014-07-18 08:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2019-01-16 15:34 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-16 15:34 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-16 14:37 - 2014-06-26 08:29 - 000003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf914296c2ad2c
2019-01-16 14:37 - 2013-01-19 10:54 - 000003204 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-15 18:44 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\AppCompat

==================== Files in the root of some directories =======

2017-06-25 10:11 - 2017-06-25 10:11 - 007649280 _____ () C:\Program Files (x86)\GUT95C2.tmp
2013-08-02 19:30 - 2013-08-02 19:30 - 004188160 _____ () C:\Program Files (x86)\GUTAD14.tmp

Some files in TEMP:
====================
2015-02-28 02:09 - 2015-02-28 02:09 - 000204800 _____ (Sony DADC Austria AG) C:\Users\Home\AppData\Local\Temp\drm_dyndata_7370014.dll
2015-02-28 02:09 - 2015-02-28 10:39 - 000204800 _____ (Sony DADC Austria AG) C:\Users\Home\AppData\Local\Temp\drm_dyndata_7380014.dll
2015-06-20 22:36 - 2015-06-20 22:36 - 000043008 _____ () C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphabicx.dll
2015-06-20 22:43 - 2015-06-20 22:43 - 000043008 _____ () C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpo5cg13.dll
2014-06-23 21:08 - 2014-04-11 01:59 - 000080296 _____ () C:\Users\Home\AppData\Local\Temp\nspFD3F.tmp.exe
2014-10-02 13:43 - 2014-10-02 13:43 - 000018304 _____ () C:\Users\Home\AppData\Local\Temp\ochelper.dll
2014-10-02 13:43 - 2014-10-02 13:43 - 000021888 _____ () C:\Users\Home\AppData\Local\Temp\ochelper.exe
2014-08-22 12:38 - 2010-06-07 12:13 - 000256752 _____ (SUPERAntiSpyware.com) C:\Users\Home\AppData\Local\Temp\SSUPDATE.EXE
2015-12-02 10:05 - 2015-12-02 10:05 - 000120336 _____ (McAfee, Inc.) C:\Users\jsmor_000\AppData\Local\Temp\McCSPInstall.dll
2019-01-16 19:24 - 2015-12-02 10:05 - 000131344 _____ (McAfee Inc.) C:\Users\jsmor_000\AppData\Local\Temp\mccspuninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-01 10:13

==================== End of FRST.txt ============================
 

Broni

Malware Annihilator
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by jsmor_000 (25-01-2019 16:14:13)
Running from C:\Users\jsmor_000\Desktop
Windows 8.1 Pro (Update) (X64) (2014-04-29 17:26:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3873563209-1122956-651633644-500 - Administrator - Disabled)
Guest (S-1-5-21-3873563209-1122956-651633644-501 - Administrator - Disabled)
Home (S-1-5-21-3873563209-1122956-651633644-1001 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-3873563209-1122956-651633644-1006 - Administrator - Enabled)
jsmor_000 (S-1-5-21-3873563209-1122956-651633644-1007 - Administrator - Enabled) => C:\Users\jsmor_000
snickersoup (S-1-5-21-3873563209-1122956-651633644-1008 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (HKLM-x32\...\{05F508E8-2DC6-4B12-B6A9-51000536216A}) (Version: 2.4 - Microsoft Corporation) Hidden
Application Insights Tools for Visual Studio Express 2013 for Windows (HKLM-x32\...\{02979B31-39AE-4988-B3DD-00F676897F17}) (Version: 2.4 - Microsoft Corporation) Hidden
Application Verifier x64 External Package (HKLM\...\{77F3D72C-465F-BD51-890E-CC3914B1365F}) (Version: 8.100.26629 - Microsoft)
Archeage (HKLM-x32\...\Glyph Archeage) (Version: - Trion Worlds, Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.3.6507 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Azure Resource Manager Tools (VS 2013) - v1.0 (HKLM-x32\...\{109BF2CC-BA35-4952-B9F1-502F07001DBA}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{CEF27F4B-6A27-4365-A69A-EA1A4EDAA96F}) (Version: 2.5.21104.1601 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (HKLM-x32\...\{594DB57D-58D1-4AA3-AE6C-BF99484F52F8}) (Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{28C7344F-E894-4CF5-8D05-EDC7ED71796C}) (Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WT082192) (Version: 2.2.0.82 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT082122) (Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT082124) (Version: 2.2.0.82 - WildTangent) Hidden
Blend for Visual Studio 2012 (HKLM-x32\...\{57F20F04-014D-453F-B6A3-AE9485C4DFAB}) (Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (HKLM-x32\...\{532DBCC8-9468-435C-AEF6-30B7F50735A2}) (Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (HKLM-x32\...\{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (HKLM-x32\...\{9ED1634C-4E71-4992-A1BA-7C4BE6EE39E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (HKLM-x32\...\{834B6E00-F509-40F2-A677-E86261184576}) (Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (HKLM-x32\...\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (HKLM-x32\...\{403759F5-1D77-49F4-812D-AF43196E8C74}) (Version: 3.0.30924.0 - Microsoft Corporation) Hidden
BlueLINE Suite (HKLM-x32\...\{F62CC001-0F60-4725-AF3A-0D558ED637A3}) (Version: 1.0.0 - Microsoft)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (HKLM\...\{CC1F74DF-058F-406C-BC7D-F14D6E5F7CBD}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{B255880F-8C5E-4FAF-8F9C-7DBA635B2615}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{E43BBAEB-4914-44C6-88C0-E7A1DBD20A91}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{D37FDF2F-8766-4BDF-A0E3-A60BDBB630ED}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build-a-lot 2 (HKLM-x32\...\WT082438) (Version: 2.2.0.82 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT083477) (Version: 2.2.0.82 - WildTangent) Hidden
Chuzzle Deluxe (HKLM-x32\...\WT082200) (Version: 2.2.0.82 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
Cloud Deployment Project for Microsoft Visual Studio 2013 - v1.0 (HKLM-x32\...\{0D061E07-8CB8-4EE8-AE6E-B87AE0DEF1C6}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2216 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3419 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1110 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT082396) (Version: 2.2.0.82 - WildTangent) Hidden
Dora's Carnival Adventure (HKLM-x32\...\WT082133) (Version: 2.2.0.82 - WildTangent) Hidden
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{2386192E-D6DB-4AD2-9564-65586A0AE53E}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{372D17F6-A54E-4A01-B264-1314890FFE61}) (Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{AFA4B0BF-3289-495A-B949-BA91F39B1A44}) (Version: 11.1.21009.00 - Microsoft Corporation)
Escape Rosecliff Island (HKLM-x32\...\WT083484) (Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Faerie Solitaire (HKLM-x32\...\WT082442) (Version: 2.2.0.82 - WildTangent) Hidden
FATE (HKLM-x32\...\WT082141) (Version: 2.2.0.82 - WildTangent) Hidden
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing (HKLM-x32\...\HP Smart Web Printing) (Version: 131.1.35898 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{223E2363-6643-49CB-A062-59A9858EE8EE}) (Version: 3.5.17.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}) (Version: 4.3.1.2 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0183 (HKLM-x32\...\{BC146E5F-A2B0-40DB-90E7-2833807E98DF}) (Version: 1.01.0001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Install Finalizer (HKLM-x32\...\{66B42B6A-1A90-4375-89AF-EFF1F709AA2B}) (Version: 2.5.21104.1601 - Microsoft Corporation) Hidden
Install Finalizer (HKLM-x32\...\{9182189E-CA6A-4395-BAAA-39F55EDB7127}) (Version: 2.3.20320.1602 - Microsoft Corporation) Hidden
InstallShield 2013 Limited Edition (HKLM-x32\...\{6781C524-2DA2-4182-908C-8B204E0DD47C}) (Version: 20.00.0000 - Flexera Software LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java(TM) 6 Update 43 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416043FF}) (Version: 6.0.430 - Oracle)
JavaScript Tooling (HKLM\...\{73468C65-BC53-4D88-9246-75A5BB014DA2}) (Version: 11.0.60315 - Microsoft Corporation) Hidden
Jewel Quest 3 (HKLM-x32\...\WT082443) (Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 2 (HKLM-x32\...\WT082468) (Version: 2.2.0.82 - WildTangent) Hidden
join.me (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\JoinMe) (Version: 1.14.0.141 - LogMeIn, Inc.)
Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kit SDK de vérification de Visual Studio 2012 - fra (HKLM-x32\...\{8A3862F9-F587-3DFA-AAFC-C1F0E116F05C}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
Kits Configuration Installer (HKLM-x32\...\{B74E65FD-CC47-41C5-4B89-791A3F61942D}) (Version: 8.100.25984 - Microsoft) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2215 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2215 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}) (Version: 1.18.12.1 - LightScribe)
LocalESPC (HKLM-x32\...\{62910715-63E3-0AB0-0B29-99140DE1C15E}) (Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (HKLM-x32\...\{492498A3-F88C-FE2F-755C-9B1B91724CA5}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us (HKLM-x32\...\{326A5052-061C-F656-31E3-3B73842ABD46}) (Version: 8.59.29989 - Microsoft) Hidden
LocalESPCui for en-us Dev12 (HKLM-x32\...\{B1C38F27-D377-8C98-D98D-29B67C0B978D}) (Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Media Buzz (HKLM-x32\...\MediaBuzzV1mode4583) (Version: 1.1 - Media Buzz) <==== ATTENTION
Memory Profiler (HKLM-x32\...\{54F76D6C-0EC3-43D9-8BCC-73E31AB0BF06}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Memory Profiler (HKLM-x32\...\{A88AEB8B-A6C5-41BC-8F71-F704DD1E0D00}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Advertising SDK for Windows 8.1 - ENU (HKLM-x32\...\{916DF45F-3E75-47C1-8ACE-6D87B1646E4F}) (Version: 8.1.40402.2 - Microsoft Corporation)
Microsoft ASP.NET and Web Tools 2013.1 - Visual Studio 2012 (HKLM-x32\...\{F46B1BE6-80B1-4600-BC8C-067E948C0056}) (Version: 1.5.50306.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Azure Authoring Tools - v2.5 (HKLM\...\{A46322D1-A353-4F9A-8DA1-C58401E33639}) (Version: 2.5.6496.10 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.5 (HKLM\...\Microsoft Azure Compute Emulator - v2.5) (Version: 2.5.6496.10 - Microsoft Corporation)
Microsoft Azure HDInsight Tools for Visual Studio (HKLM-x32\...\{C6943238-E5DA-412D-850E-54181E5B4B65}) (Version: 1.0.0000.0 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.5 (HKLM\...\{22F9A831-CA56-4406-85FE-47FFB0472804}) (Version: 2.5.1024.161 - Microsoft Corporation)
Microsoft Azure Quickstarts (HKLM-x32\...\{06747CB9-4E28-3164-A1C5-F7FD307F08B5}) (Version: 1.5.0 - Microsoft Corporation)
Microsoft Azure Storage Tools - v3.0.0 (HKLM-x32\...\{870D4E4E-1BE7-42E7-9655-E7792290FCB4}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft Azure Tools for Microsoft Visual Studio 2013 - v2.5 (HKLM-x32\...\{4be5d1d6-933d-4058-853b-047ed1258fc4}) (Version: 2.5.21104.1601 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.30324 - Microsoft Corporation)
Microsoft Hive ODBC Driver (HKLM\...\{AC9970E8-7F55-4F50-A6D3-2BC041589904}) (Version: 1.0.5.5 - Microsoft Corporation)
Microsoft Hive ODBC Driver (HKLM-x32\...\{7A580208-9E61-47FD-9AEB-DDDAA67CF0F6}) (Version: 1.0.5.5 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{59DE4D1C-690E-4397-8A44-B684934E863C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM\...\{7FE9A69F-6D91-4E2E-86B5-E2EB27AE6041}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20905.0) (HKLM-x32\...\{23A3E3F8-91B4-4C5A-9E69-6747CF6D426B}) (Version: 11.1.20905.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools 2013 (HKLM-x32\...\{2768bca6-2ff2-4cb2-b6fc-654f7b5d6af0}) (Version: 12.0.41025.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20905.0) (HKLM-x32\...\{D2964C0D-477B-4914-B791-1D80E61E85E6}) (Version: 11.1.20905.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows - ENU (HKLM-x32\...\{78095723-ced1-49b3-b0ac-8598452ef0ec}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (HKLM-x32\...\{bec3d87e-1d6d-4b15-8383-29068c86b888}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Premium 2012 (HKLM-x32\...\{ddf0bb95-e254-447e-8472-3470057d9c7e}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSI Development Tools (HKLM-x32\...\{CF3A1CA6-5E5E-B4BD-6CF1-363056816CA2}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
muvee Reveal (HKLM-x32\...\{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}) (Version: 7.0.43.11502 - muvee Technologies Pte Ltd)
MySQL Connector C++ 1.1.3 (HKLM\...\{5C7A1ED6-DC5F-4017-B363-3E80644B4BD0}) (Version: 1.1.3 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{4C5FFB59-6222-45CA-9257-EFB93D5E1756}) (Version: 5.1.26 - Oracle Corporation)
MySQL Connector Net 6.7.4 (HKLM-x32\...\{D6952EDA-6AC4-4480-A060-BD6025B15BAD}) (Version: 6.7.4 - Oracle)
MySQL Connector/ODBC 5.2 64bit (community edition) (HKLM\...\{D8053A16-A50E-401C-B162-18119EB7CC33}) (Version: 5.2.5 - Oracle Corporation)
MySQL Documents 5.6 (HKLM-x32\...\{4C102489-D4F3-4324-B573-0802120B1D80}) (Version: 5.6.13 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{7FC20482-AE94-4DF1-90C1-09EDEC416970}) (Version: 5.6.13 - Oracle Corporation)
MySQL For Excel 1.1.1 (HKLM-x32\...\{88C06BF4-9A84-42FE-A0B2-CB3A49DDBBF0}) (Version: 1.1.1 - Oracle)
MySQL for Visual Studio 1.0.2 (HKLM-x32\...\{0D406BCC-D62A-46FB-9AB7-A7BF10FB8B31}) (Version: 1.0.2 - Oracle)
MySQL Installer (HKLM-x32\...\{D8BAC677-5CCD-49FA-BF7D-21F65AB0EE0E}) (Version: 1.3.2.0 - Oracle Corporation)
MySQL Notifier 1.1.4 (HKLM-x32\...\{D7C3E617-EB02-47B3-8D0E-BF3E00D873D5}) (Version: 1.1.4 - Oracle)
MySQL Server 5.6 (HKLM\...\{0B9D4C33-AC1B-4973-B754-FE9EAB03D327}) (Version: 5.6.13 - Oracle Corporation)
MySQL Utilities (HKLM-x32\...\{6A494EFD-CFC6-4534-9E14-26D3F7D888DE}) (Version: 1.3.4 - Oracle)
MySQL Workbench 6.0 CE (HKLM-x32\...\{0BBFADE9-0CA5-4AA3-BC90-629CE53952CF}) (Version: 6.0.6 - Oracle Corporation)
Mystery P.I. - The New York Fortune (HKLM-x32\...\WT082456) (Version: 2.2.0.82 - WildTangent) Hidden
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version: - )
Online Plug-in (HKLM-x32\...\{F390D923-76F1-458E-8218-8C0C156CDCFD}) (Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Penguins! (HKLM-x32\...\WT082168) (Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (HKLM-x32\...\WT082170) (Version: 2.2.0.82 - WildTangent) Hidden
Poker Superstars III (HKLM-x32\...\WT082171) (Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT082172) (Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT082173) (Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3415 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3415 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3420 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3420 - CyberLink Corp.)
PowreShellIntegration.Notifications (HKLM-x32\...\{ED8DFB38-C87B-42B3-A33E-B20DF935C055}) (Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{2C76E3DA-BA76-4FAD-B1B1-72B46D639028}) (Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python Tools Redirection Template (HKLM-x32\...\{2881CFB4-71F9-40C7-8228-6395117C0EDA}) (Version: 1.3 - Microsoft Corporation) Hidden
Python Tools Redirection Template (HKLM-x32\...\{C6028E83-4C47-459F-9EDC-7D1412CBCD97}) (Version: 1.1 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6037 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0104 - REALTEK Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2214 - CyberLink Corp.) Hidden
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Player for Home (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Player for jsmor_000 (HKU\S-1-5-21-3873563209-1122956-651633644-1007\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Studio (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
RogueKiller version 13.1.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.1.3.0 - Adlice Software)
SDK de comprobación de Visual Studio 2012 - esn (HKLM-x32\...\{90EF884E-5253-324C-9C11-63C9DA16BF0C}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
SDK Debuggers (HKLM-x32\...\{9274C832-3D8A-A294-FDE8-8B9272357098}) (Version: 8.100.26629 - Microsoft Corporation) Hidden
Self-service Plug-in (HKLM-x32\...\{47117FCA-0D00-4B6D-9D68-00B763629463}) (Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2013 (HKLM-x32\...\{C9E7751E-88ED-36CF-B610-71A1D262E906}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
TextTwist 2 (HKLM-x32\...\WT083491) (Version: 2.2.0.82 - WildTangent) Hidden
TypeScript Power Tool (HKLM-x32\...\{6098D454-CB7B-44C2-8615-D869FD9655C7}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{0E4A9B1A-12D2-4827-BE61-44DBD72797FB}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
Uninstall Finalizer (HKLM-x32\...\{28F5A97C-F4EE-4945-AA33-8BBE3F93DB89}) (Version: 2.3.20320.1602 - Microsoft Corporation) Hidden
Uninstall Finalizer (HKLM-x32\...\{81596E4C-00BB-40D9-9748-1E5464BA563A}) (Version: 2.5.21104.1601 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Virtual Families (HKLM-x32\...\WT082188) (Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (HKLM-x32\...\WT082241) (Version: 2.2.0.82 - WildTangent) Hidden
Visual Studio 2012 Update 3 (KB2707250) (HKLM-x32\...\{29828f33-4679-462a-8c98-1c3507678922}) (Version: 11.0.60610 - Microsoft Corporation)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VS Update core components (HKLM-x32\...\{9F7DE660-6BFE-3BA2-A93D-4F13BD13E10B}) (Version: 12.0.31101 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (HKLM-x32\...\{0BCC836F-0B28-4090-B58A-64883BAA3B2F}) (Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (HKLM-x32\...\{46910786-E4AC-41E4-A4A0-C086EA85242D}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (HKLM-x32\...\{148878BD-A2A5-4CF1-A103-2BA632F41953}) (Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{BF3E2194-F89B-44FB-A801-464BF787599F}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Wheel of Fortune 2 (HKLM-x32\...\WT082189) (Version: 2.2.0.82 - WildTangent) Hidden
Win 7 Programming (HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\bgstore-ccf5399f@@XenDesktop 7.5.Win 7 Programming $S11-5) (Version: 1.0 - Delivered by Citrix)
Windows Azure Authoring Tools - v2.3 (HKLM\...\{CA53F7A1-A71D-4C7F-ABD2-7BDD26FE0D74}) (Version: 2.3.6491.3 - Microsoft Corporation)
Windows Azure Libraries for .NET – v2.3 (HKLM\...\{C0591F2A-45AD-4189-86A7-C2B1DF3D148D}) (Version: 2.3.0424.070 - Microsoft Corporation)
Windows Azure Storage Emulator - v3.4 (HKLM-x32\...\Windows Azure Storage Emulator - v3.4) (Version: 3.4.6848.0 - Microsoft Corporation)
Windows Azure Tools for Microsoft Visual Studio 2012 - v2.3 (HKLM-x32\...\{d330fe59-916f-4dcd-8de7-fbf00e4525b1}) (Version: 2.3.20320.1602 - Microsoft Corporation)
Windows Essentials Media Codec Pack 4.7 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.7 - Media Codec)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Windows Phone SDK 8.0 - ENU (HKLM-x32\...\{2348da3b-1257-4a83-a554-b094a08d06d9}) (Version: 11.0.50727.38 - Microsoft Corporation)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{57334b90-51ab-4979-a6e4-ab0f7632479a}) (Version: 8.100.26654 - Microsoft Corporation)
WPT Redistributables (HKLM-x32\...\{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}) (Version: 8.100.26654 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB}) (Version: 8.100.26629 - Microsoft) Hidden
Zuma's Revenge (HKLM-x32\...\WT082463) (Version: 2.2.0.82 - WildTangent) Hidden
Пакет Visual Studio 2012 Verification SDK - rus (HKLM-x32\...\{977CABC5-7B4B-3AE4-8E1B-56C673C1D638}) (Version: 12.0.30501 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03400A49-E088-4E64-B7BD-2B6D42A50D78} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {049EB354-D703-4CCE-83B9-A65A6298B4C1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-16] (AVAST Software)
Task: {09A2123D-EEF1-42CD-AC0D-ABBC6E1FB770} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-14] (Google Inc.)
Task: {0C2CD050-3BC6-4D6D-86D5-F9447A56C245} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0D258403-ED21-467B-B06B-6CEF3F76273D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0D64D0DC-6A62-4ABA-BBDA-21C45BB0ACBD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {21807602-3FB6-4391-A01A-AE1E5A7B9EF9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {2324907B-B9DE-4E42-9A73-739A4164A30C} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-11-10] (Hewlett-Packard)
Task: {2446AADD-29D9-4AF1-98DC-69FCD4809528} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe