Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Browser Hijack. Help!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Browser Hijack. Help!!

Unread postby netride » June 26th, 2016, 3:09 pm

Sorry for the MISTAKE. I have an HP laptop Windows 10 64bit that is infected with a browser hijacker, I have run Malwarebytes, Superantispware, HitmanPro, JRT, Adwarecleaner to no avail nothing has found it so fare, Help!!!! Attached are the FRST logs requested, Thank You very much for your assistance.
You do not have the required permissions to view the files attached to this post.
netride
Active Member
 
Posts: 9
Joined: June 25th, 2016, 6:47 pm
Advertisement
Register to Remove

Re: Browser Hijack. Help!!

Unread postby pgmigg » June 28th, 2016, 1:25 pm

Hello netride,

Welcome to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3184
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Browser Hijack. Help!!

Unread postby netride » June 28th, 2016, 3:55 pm

Thank you, I have read the "Must Read this First" as recommended in your reply. Again thank you for helping!
netride
Active Member
 
Posts: 9
Joined: June 25th, 2016, 6:47 pm

Re: Browser Hijack. Help!!

Unread postby pgmigg » June 28th, 2016, 10:29 pm

Hello netride,

Thank you, I have read the "Must Read this First" as recommended in your reply. Again thank you for helping!
Very good. You are welcome!

Step 1.
Create a Backup With Tweaking.com Registry Backup (TCRB)
There is also a tutorial with pictures available HERE.
  1. Please download TCRB from HERE and save it to your Desktop.
  2. Double-click on tweaking.com_registry_backup_setup.exe and follow the prompts to install TCRB.
  3. Launch TCRB.
  4. Click the Backup Registry tab and make sure all the boxes are checked.
  5. Click on Backup Now.
  6. Once the backup is finished you can now exit the program.

Step 2.
Uninstall Programs
  1. Please press the Windows Key + R.
  2. Enter appwiz.cpl into the text box and click OK.
  3. Locate the following programs:
    SUPERAntiSpyware
    Zemana AntiMalware
  4. Press the Uninstall or Uninstall/Change button and carefully follow any prompts to uninstall the program.
    • Take care to read through any prompts completely! Some uninstallers may attempt to trick you into keeping the program.
    • Do this for every program listed.
    • Don't worry if you can't find one of the programs. Just be sure to let me know about it in your reply.
  5. Once finished, please reboot your computer.

Step 3.
FRST Fix
  1. You should still have FRST64.exe on your Desktop. If not please download it HERE and save it on your Desktop.
  2. Please press the Windows Key + R.
  3. Type notepad.exe into the text box and click OK.
  4. A blank Notepad page should open.
    • Copy and Paste the following script into Notepad, but do not include the words Code: Select all.
    • (Click the Select all button next to Code: to select the entire script).
    Code: Select all
    CreateRestorePoint:
    
    HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13653232 2016-06-16] (Zemana Ltd.)
    HKU\S-1-5-21-1438484470-2919665786-3643381102-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-05-31] (SUPERAntiSpyware)
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    Toolbar: HKLM - No Name - {97ab88ef-346b-4179-a0b1-7445896547a5} -  No File
    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13653232 2016-06-16] (Zemana Ltd.)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-06-24] (Zemana Ltd.)
    R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-06-24] (Zemana Ltd.)
    FirewallRules: [UDP Query User{BE029151-32F4-4580-9019-3FD4D6FB800D}C:\users\steve\downloads\anydesk.exe] => (Allow) C:\users\steve\downloads\anydesk.exe
    FirewallRules: [TCP Query User{FBAB0B4F-21C1-4C4D-B566-B88597328036}C:\users\steve\downloads\anydesk.exe] => (Allow) C:\users\steve\downloads\anydesk.exe
    
    C:\WINDOWS\system32\Drivers\zamguard64.sys
    C:\WINDOWS\system32\Drivers\zam64.sys
    
    Folder: C:\Users\Steve\AppData\Local\Zemana
    Folder: C:\Program Files (x86)\Zemana AntiMalware
    
    Hosts:
    EmptyTemp:
    CMD: ipconfig /flushdns
  5. Save it next to FRST64.exe as fixlist.txt.
    Important! fixlist.txt must be saved in the same directory as FRST64.exe to work.
  6. Right click on FRST64.exe and select Run as administrator.
  7. Press the Fix button one time only and wait.
  8. When FRST finishes you will be prompted to reboot your computer. Click OK.
  9. Your computer should now restart. On reboot navigate to your Desktop where you should find Fixlog.txt. Copy and paste the contents in your reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the fixlog.txt log file
  3. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3184
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Browser Hijack. Help!!

Unread postby netride » June 29th, 2016, 1:21 pm

I have done as instructed but FYI, superantispyware and zemana were installed after the browser hijacker, I downloaded the tools I listed to get rid of it, thought it was gone then 2 days later it came back and I had not opened any emails or used this particular laptop in that time, which is why I started looking for help. Today so far the hijacker is not showing itself and I am using the infected laptop at this time. Following is a copy of the log requested:

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-06-2016
Ran by Steve (2016-06-29 12:04:37) Run:1
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve (Available Profiles: Steve)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:

HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13653232 2016-06-16] (Zemana Ltd.)
HKU\S-1-5-21-1438484470-2919665786-3643381102-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-05-31] (SUPERAntiSpyware)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Toolbar: HKLM - No Name - {97ab88ef-346b-4179-a0b1-7445896547a5} - No File
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13653232 2016-06-16] (Zemana Ltd.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-06-24] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-06-24] (Zemana Ltd.)
FirewallRules: [UDP Query User{BE029151-32F4-4580-9019-3FD4D6FB800D}C:\users\steve\downloads\anydesk.exe] => (Allow) C:\users\steve\downloads\anydesk.exe
FirewallRules: [TCP Query User{FBAB0B4F-21C1-4C4D-B566-B88597328036}C:\users\steve\downloads\anydesk.exe] => (Allow) C:\users\steve\downloads\anydesk.exe

C:\WINDOWS\system32\Drivers\zamguard64.sys
C:\WINDOWS\system32\Drivers\zam64.sys

Folder: C:\Users\Steve\AppData\Local\Zemana
Folder: C:\Program Files (x86)\Zemana AntiMalware

Hosts:
EmptyTemp:
CMD: ipconfig /flushdns
*****************

Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ZAM => value not found.
HKU\S-1-5-21-1438484470-2919665786-3643381102-1001\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => value not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{97ab88ef-346b-4179-a0b1-7445896547a5} => value removed successfully
HKCR\CLSID\{97ab88ef-346b-4179-a0b1-7445896547a5} => key not found.
!SASCORE => service not found.
ZAMSvc => service not found.
SASDIFSV => service not found.
SASKUTIL => service not found.
ZAM => service removed successfully
ZAM_Guard => Unable to stop service.
ZAM_Guard => service removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BE029151-32F4-4580-9019-3FD4D6FB800D}C:\users\steve\downloads\anydesk.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FBAB0B4F-21C1-4C4D-B566-B88597328036}C:\users\steve\downloads\anydesk.exe => value removed successfully
C:\WINDOWS\system32\Drivers\zamguard64.sys => moved successfully
"C:\WINDOWS\system32\Drivers\zam64.sys" => not found.

========================= Folder: C:\Users\Steve\AppData\Local\Zemana ========================

2016-06-21 12:25 - 2016-06-29 11:44 - 0000000 ____D () C:\Users\Steve\AppData\Local\Zemana\Tracer
2016-06-21 12:25 - 2016-06-29 11:44 - 0005758 _____ () C:\Users\Steve\AppData\Local\Zemana\Tracer\ZAM.trace

====== End of Folder: ======


========================= Folder: C:\Program Files (x86)\Zemana AntiMalware ========================

not found.

====== End of Folder: ======

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7449008 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => -16460 B
Edge => 6468355 B
Chrome => 109568 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => -656 B
Steve => 5716131 B

RecycleBin => 92047 B
EmptyTemp: => 18.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:05:24 ====
netride
Active Member
 
Posts: 9
Joined: June 25th, 2016, 6:47 pm

Re: Browser Hijack. Help!!

Unread postby pgmigg » June 29th, 2016, 4:16 pm

Hello netride,

I have done as instructed but FYI, superantispyware and zemana were installed after the browser hijacker, I downloaded the tools I listed to get rid of it, thought it was gone then 2 days later it came back and I had not opened any emails or used this particular laptop in that time, which is why I started looking for help. Today so far the hijacker is not showing itself and I am using the infected laptop at this time.
Many do not always mean good!

Computer should have one antivirus program and one antimalware program - sometime both of them may be included to one program as it happened in your case:
Code: Select all
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

Any extra defense programs are needed as scanners only at the moment of suspicious activity.
The running more than one antivirus program is not recommended because:
  1. They can conflict with each other.
  2. Report the other antivirus software as malicious.
  3. Antivirus programs use an enormous amount of computer's resources... actively scanning your computer.
  4. Can cause your computer to run slowly, become unstable and crash.

Step 1.
ESET NOD32 Online Scan
NOTE: ESET Online Scanner can be run from Internet Explorer, Firefox, or Chrome.
  1. Firstly please Disable any Antivirus you have active, as shown in This topic. If active, it could impact the online scan.
    Do NOT use the computer while the scan is running!
    Make sure all other programs and windows are closed!
  2. Open your browser by right clicking and selecting Run as Administrator.
  3. Go to ESET Online Scanner - © ESET All Rights Reserved, to run an online scan.
  4. Click the dark blue SCAN NOW button:
    • If you using Google Chrome or Mozilla Firefox you will need to download "esetsmartinstaller_enu.exe" when prompted. Then double click on it to install.
    • If you using Internet Explorer please read the End User License Agreement and check the box: Yes, I accept the terms of use. Then click the green Start button.
  5. Accept any security warnings from your browser and allow the download/installation of any required files.
    If your browser blocks or halts a download, please allow it to download any required files.
  6. Under scan settings:
    • Check "Scan archives"
    • UNCHECK "Remove found threats"
  7. Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  8. Click the Start button.
    ESET Online Scanner will download its virus signature database and then automatically starts the scan.
    The scan will take a while. Please be patient and do NOT use your computer during the scan. Some people find it best to let the scan run overnight.
  9. When the scan completes click Copy to clipboard, then open Notepad, paste the contents there and save the file to your desktop as ESETScan.txt
  10. Copy and paste the contents of ESETScan.txt in your next reply.
  11. You can now exit the program using the X in the top-right.
    Note: If no threats are found, there is no option to create a log. Just report back to me there was nothing found.
IMPORTANT: Do not forget to re-enable your antivirus software.

Now please tell me why did you decide that your browsers (please list exactly which ones) were hijacked - any specific symptoms, etc?
I appreciate to receive as much information as possible.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the ESETScan.txt log file
  3. Answer for my question regarding symptoms of browser hijacking.
  4. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3184
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Browser Hijack. Help!!

Unread postby netride » June 29th, 2016, 7:49 pm

Attached is ESETScan.txt. In answer to your question, the browser I was using was Chrome although I would prefer Edge but it is not quite ready yet, anyway Chrome started to tell me to call a number to get a virus removed and in my experience those are malware and/or a virus themselves but it locked up my computer so I could only click on the place it was trying to send me for a repair. I had to shut down my computer to get away from it and when I would restart, every time I tried to go on the internet whether with chrome or ie11 or edge the chrome browser would pop up and the routine would start over.
contents of ESETScan.txt
C:\Users\Steve\Downloads\ccsetup516.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Steve\Downloads\ccsetup518.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Steve\Downloads\ccsetup519.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
netride
Active Member
 
Posts: 9
Joined: June 25th, 2016, 6:47 pm

Re: Browser Hijack. Help!!

Unread postby netride » June 29th, 2016, 7:53 pm

Attached is ESETScan.txt. In answer to your question, the browser I was using was Chrome although I would prefer Edge but it is not quite ready yet, anyway Chrome started to tell me to call a number to get a virus removed and in my experience those are malware and/or a virus themselves but it locked up my computer so I could only click on the place it was trying to send me for a repair. I had to shut down my computer to get away from it and when I would restart, every time I tried to go on the internet whether with chrome or ie11 or edge the chrome browser would pop up and the routine would start over.
contents of ESETScan.txt
C:\Users\Steve\Downloads\ccsetup516.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Steve\Downloads\ccsetup518.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Steve\Downloads\ccsetup519.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

PS the ESET online scanner is still open on my desktop wanting to clean what it found but I did not tell it to yet because you didn't say to do that>
netride
Active Member
 
Posts: 9
Joined: June 25th, 2016, 6:47 pm

Re: Browser Hijack. Help!!

Unread postby pgmigg » June 29th, 2016, 11:45 pm

Hello netride,

I had to shut down my computer to get away from it and when I would restart, every time I tried to go on the internet whether with chrome or ie11 or edge the chrome browser would pop up and the routine would start over.
It happens because your default browser is Chrome. Not now but later we will reinstall the Chrome browser.

the ESET online scanner is still open on my desktop wanting to clean what it found but I did not tell it to yet because you didn't say to do that
Actually it is not true - I asked you to close the ESET in the paragraph 11 of my instruction. You don't need to delete found files.

Step 1.
Fresh FRST64 Scan
You should still have FRST64.exe on your desktop.
  1. Right-click FRST64.exe and select "Run as administrator..." to run it.
  2. When the tool opens click Yes to the disclaimer if it is occurred.
  3. Please be sure that 90 Days Files check box under Optional Scan section is checked.
  4. Please be sure that Addition.txt check box under Optional Scan section is unchecked.
  5. Press Scan button. When finished a log will be created, FRST.txt.
  6. Please post the content of the FRST.txt in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please don't post your logs as attached files!

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the FRST.txt log file after fresh FRST scan
  3. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3184
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Browser Hijack. Help!!

Unread postby netride » June 30th, 2016, 10:12 am

Everything went fine. So far the Hijacker has not returned.
SCAN CONTENTS BELOW:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
Ran by Steve (administrator) on DESKTOP-TG56IFN (30-06-2016 08:59:08)
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve (Available Profiles: Steve)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
() C:\Program Files\AMD\ATI.ACE\a4\AdaptiveSleepService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2015-06-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2016-03-30] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1438484470-2919665786-3643381102-1001\...\RunOnce: [Uninstall C:\Users\Steve\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steve\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cc27f605-5af9-4c53-9774-7c8c88605148}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f04567e6-e4b0-41ec-9f21-a55802833de0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-1438484470-2919665786-3643381102-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-1438484470-2919665786-3643381102-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://att.yahoo.com/
SearchScopes: HKU\S-1-5-21-1438484470-2919665786-3643381102-1001 -> DefaultScope {27798455-2522-4DB4-A859-D466B3B332ED} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-1438484470-2919665786-3643381102-1001 -> {27798455-2522-4DB4-A859-D466B3B332ED} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-10] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1438484470-2919665786-3643381102-1001 -> hxxp://www.att.yahoo.com/

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-06-25] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-06]
CHR Extension: (Google Docs) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-06]
CHR Extension: (Google Drive) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-06]
CHR Extension: (YouTube) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-06]
CHR Extension: (Adblock Plus) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-06]
CHR Extension: (Google Sheets) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-06]
CHR Extension: (Google Docs Offline) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-06]
CHR Extension: (Gmail) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-06]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\AMD\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-03-30] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [351944 2016-03-30] (Advanced Micro Devices, Inc.)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-07-06] (Advanced Micro Devices) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-06-25] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260216 2015-12-09] (Synaptics Incorporated)
S2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [54808 2016-02-10] (Advanced Micro Devices, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [27384 2015-11-20] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101112 2016-02-10] (Advanced Micro Devices, Inc. )
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [277240 2016-02-10] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [301784 2015-06-09] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-06-01] (Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-06-09] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4619520 2015-07-21] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [67704 2015-12-09] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-13] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-06-24] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-30 08:59 - 2016-06-30 08:59 - 00013421 _____ C:\Users\Steve\Desktop\FRST.txt
2016-06-29 18:42 - 2016-06-29 18:42 - 00000312 _____ C:\Users\Steve\Desktop\ESETScan.txt
2016-06-29 15:45 - 2016-06-29 15:45 - 00000000 ____D C:\Users\Steve\AppData\Local\ESET
2016-06-29 12:04 - 2016-06-29 12:05 - 00004842 _____ C:\Users\Steve\Desktop\Fixlog.txt
2016-06-29 12:04 - 2016-06-29 12:04 - 00000000 ____D C:\Users\Steve\Desktop\FRST-OlderVersion
2016-06-29 11:59 - 2015-10-30 02:18 - 00001158 _____ C:\Users\Steve\Desktop\Notepad.lnk
2016-06-29 11:52 - 2016-06-29 11:52 - 00001055 _____ C:\Users\Steve\Desktop\CCleaner.lnk
2016-06-29 11:43 - 2016-06-29 11:43 - 00001129 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2016-06-29 11:43 - 2016-06-29 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-06-29 11:43 - 2016-06-29 11:43 - 00000000 ____D C:\Program Files\VS Revo Group
2016-06-29 11:43 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2016-06-29 11:42 - 2016-06-29 11:42 - 11374528 _____ (VS Revo Group ) C:\Users\Steve\Downloads\RevoUninProSetup.exe
2016-06-29 11:41 - 2016-06-29 11:41 - 00002319 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2016-06-29 11:41 - 2016-06-29 11:41 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-DESKTOP-TG56IFN-Windows-10-Home-(64-bit).dat
2016-06-29 11:41 - 2016-06-29 11:41 - 00000000 ____D C:\RegBackup
2016-06-29 11:41 - 2016-06-29 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-06-29 11:40 - 2016-06-29 11:40 - 05523840 _____ (Tweaking.com) C:\Users\Steve\Desktop\tweaking.com_registry_backup_setup.exe
2016-06-29 11:40 - 2016-06-29 11:40 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-06-29 11:39 - 2016-06-29 11:40 - 05523840 _____ (Tweaking.com) C:\Users\Steve\Downloads\tweaking.com_registry_backup_setup.exe
2016-06-26 00:07 - 2016-06-26 00:08 - 00251902 _____ C:\TDSSKiller.3.1.0.9_26.06.2016_00.07.20_log.txt
2016-06-25 17:50 - 2016-06-30 08:57 - 00000000 ____D C:\FRST
2016-06-25 17:50 - 2016-06-29 12:04 - 02390016 _____ (Farbar) C:\Users\Steve\Desktop\FRST64.exe
2016-06-25 17:39 - 2016-06-25 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-06-25 17:38 - 2016-06-25 17:38 - 00000000 ____D C:\WINDOWS\LastGood
2016-06-25 17:37 - 2016-06-25 17:40 - 00000000 ____D C:\Program Files (x86)\AMD
2016-06-25 17:31 - 2016-06-25 17:33 - 436213280 _____ (InstallShield Software Corporation ) C:\Users\Steve\Downloads\sp75760.exe
2016-06-25 17:13 - 2015-06-30 20:17 - 02897741 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-06-25 17:13 - 2015-06-30 19:36 - 01748696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-06-25 17:13 - 2015-06-30 16:04 - 00184688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-06-25 17:13 - 2015-06-30 15:10 - 02931416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-06-25 17:13 - 2015-06-26 20:10 - 01310936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-06-25 17:13 - 2015-06-22 14:43 - 02702552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-06-25 17:13 - 2015-06-17 14:45 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-06-25 17:13 - 2015-05-15 19:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-06-25 17:13 - 2015-02-04 00:38 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-06-25 17:13 - 2015-02-04 00:38 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-06-25 17:13 - 2015-02-04 00:38 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-06-25 17:13 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-06-25 17:13 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-06-25 17:13 - 2015-01-19 18:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-06-25 17:13 - 2014-12-11 08:10 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-06-25 17:13 - 2014-12-11 08:10 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-06-25 17:13 - 2014-12-11 08:10 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-06-25 17:13 - 2014-12-11 08:10 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-06-25 17:13 - 2014-11-11 13:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-06-25 17:13 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-06-25 17:13 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-06-25 17:13 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-06-25 17:13 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-06-25 17:13 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-06-25 17:13 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-06-25 17:13 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-06-25 17:13 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-06-25 17:13 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-06-25 17:12 - 2015-06-02 19:25 - 01576976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-06-25 17:12 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-06-25 17:11 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-06-25 17:11 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-06-25 17:10 - 2016-06-25 17:14 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-06-25 17:10 - 2016-06-25 17:10 - 00001839 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\B&O Play.lnk
2016-06-25 17:05 - 2016-06-25 17:05 - 00000210 _____ C:\Users\Steve\Desktop\My HP Product.url
2016-06-25 17:00 - 2016-06-25 17:01 - 227921240 _____ (Hewlett-Packard ) C:\Users\Steve\Downloads\sp72090.exe
2016-06-25 16:56 - 2016-06-25 16:56 - 61304192 _____ (Hewlett-Packard Company ) C:\Users\Steve\Downloads\sp72552.exe
2016-06-24 17:10 - 2016-06-29 11:53 - 00000000 ____D C:\Users\Steve\AppData\Local\CrashDumps
2016-06-24 17:09 - 2016-06-24 17:09 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-06-24 17:05 - 2016-06-24 17:10 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-24 16:17 - 2016-06-24 16:18 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-24 16:16 - 2016-06-24 16:16 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-24 16:16 - 2016-06-24 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-24 16:16 - 2016-06-24 16:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-24 16:16 - 2016-06-24 16:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-24 16:16 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-06-24 16:16 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-06-24 16:16 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-06-22 20:14 - 2016-06-25 17:20 - 02923608 _____ C:\Users\Steve\Downloads\The Midnight Assassin_ Panic, Scandal, and the Hunt for America's First Serial Killer.azw3
2016-06-21 12:35 - 2016-06-21 12:36 - 06995720 _____ (Piriform Ltd) C:\Users\Steve\Downloads\ccsetup519.exe
2016-06-21 12:25 - 2016-06-29 12:06 - 00029505 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-06-21 12:25 - 2016-06-29 11:45 - 00000000 ____D C:\Users\Steve\AppData\Local\Zemana
2016-06-21 12:25 - 2016-06-29 11:44 - 03212000 _____ C:\WINDOWS\ZAM.krnl.trace
2016-06-21 12:04 - 2016-06-21 12:04 - 03703360 _____ C:\Users\Steve\Downloads\adwcleaner_5.200.exe
2016-06-17 08:45 - 2016-05-28 00:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-17 08:45 - 2016-05-28 00:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-17 08:45 - 2016-05-28 00:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-17 08:45 - 2016-05-28 00:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-17 08:45 - 2016-05-28 00:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-17 08:45 - 2016-05-28 00:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-17 08:45 - 2016-05-28 00:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-17 08:45 - 2016-05-28 00:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-17 08:45 - 2016-05-28 00:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-17 08:45 - 2016-05-28 00:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-17 08:45 - 2016-05-28 00:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-17 08:45 - 2016-05-28 00:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-17 08:45 - 2016-05-27 23:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-17 08:45 - 2016-05-27 23:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-17 08:45 - 2016-05-27 23:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-17 08:45 - 2016-05-27 23:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-17 08:45 - 2016-05-27 23:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-17 08:45 - 2016-05-27 23:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-17 08:45 - 2016-05-27 23:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-17 08:45 - 2016-05-27 23:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-17 08:45 - 2016-05-27 23:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-17 08:45 - 2016-05-27 23:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-17 08:45 - 2016-05-27 23:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-17 08:45 - 2016-05-27 23:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-17 08:45 - 2016-05-27 23:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-17 08:45 - 2016-05-27 23:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-17 08:45 - 2016-05-27 23:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-17 08:45 - 2016-05-27 23:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-17 08:45 - 2016-05-27 23:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-17 08:45 - 2016-05-27 23:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-17 08:45 - 2016-05-27 23:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-17 08:45 - 2016-05-27 23:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-17 08:45 - 2016-05-27 23:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-17 08:45 - 2016-05-27 23:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-17 08:45 - 2016-05-27 23:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-17 08:45 - 2016-05-27 23:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-17 08:45 - 2016-05-27 23:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-17 08:45 - 2016-05-27 23:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-17 08:45 - 2016-05-27 23:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-17 08:45 - 2016-05-27 23:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-17 08:45 - 2016-05-27 23:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-17 08:45 - 2016-05-27 23:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-17 08:45 - 2016-05-27 23:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-17 08:45 - 2016-05-27 23:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-17 08:45 - 2016-05-27 23:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-17 08:45 - 2016-05-27 23:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-17 08:45 - 2016-05-27 23:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-17 08:45 - 2016-05-27 23:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-17 08:45 - 2016-05-27 23:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-17 08:45 - 2016-05-27 23:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-17 08:45 - 2016-05-27 23:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-17 08:45 - 2016-05-27 23:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-17 08:45 - 2016-05-27 23:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-17 08:45 - 2016-05-27 23:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-17 08:45 - 2016-05-27 23:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-17 08:45 - 2016-05-27 23:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-17 08:45 - 2016-05-27 23:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-17 08:45 - 2016-05-27 23:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-17 08:45 - 2016-05-27 23:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-17 08:45 - 2016-05-27 23:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-17 08:45 - 2016-05-27 23:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-17 08:45 - 2016-05-27 23:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-17 08:45 - 2016-05-27 23:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-17 08:45 - 2016-05-27 23:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-17 08:45 - 2016-05-27 23:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-17 08:45 - 2016-05-27 23:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-17 08:45 - 2016-05-27 23:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-17 08:45 - 2016-05-27 23:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-16 22:22 - 2016-05-28 00:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-16 22:22 - 2016-05-28 00:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-16 22:22 - 2016-05-27 23:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-16 22:22 - 2016-05-27 23:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-16 22:21 - 2016-05-28 00:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-16 22:21 - 2016-05-28 00:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-16 22:21 - 2016-05-28 00:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-16 22:21 - 2016-05-28 00:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-16 22:21 - 2016-05-28 00:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-16 22:21 - 2016-05-28 00:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-16 22:21 - 2016-05-28 00:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-16 22:21 - 2016-05-27 23:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-16 22:21 - 2016-05-27 23:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-16 22:21 - 2016-05-27 23:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-16 22:21 - 2016-05-27 23:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-16 22:21 - 2016-05-27 23:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-16 22:21 - 2016-05-27 23:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-16 22:21 - 2016-05-27 23:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-16 22:21 - 2016-05-27 23:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-16 22:21 - 2016-05-27 23:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-16 22:21 - 2016-05-27 23:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-16 22:21 - 2016-05-27 23:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-16 22:21 - 2016-05-27 23:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-16 22:21 - 2016-05-27 23:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-16 22:21 - 2016-05-27 23:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-16 22:21 - 2016-05-27 23:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-16 22:21 - 2016-05-27 23:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-16 22:21 - 2016-05-27 23:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-16 22:21 - 2016-05-27 23:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-16 22:21 - 2016-05-27 23:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-16 22:21 - 2016-05-27 23:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-16 22:21 - 2016-05-27 23:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-16 22:21 - 2016-05-27 23:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-16 22:21 - 2016-05-27 23:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-16 22:21 - 2016-05-27 23:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-16 22:21 - 2016-05-27 23:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-16 22:21 - 2016-05-27 23:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-16 22:21 - 2016-05-27 23:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-16 22:21 - 2016-05-27 23:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-16 22:21 - 2016-05-27 23:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-16 22:21 - 2016-05-27 22:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-16 22:21 - 2016-05-27 22:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-16 22:21 - 2016-05-27 22:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-16 22:21 - 2016-05-27 22:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-16 22:21 - 2016-05-27 22:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-16 22:20 - 2016-05-28 00:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-16 22:20 - 2016-05-28 00:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-16 22:20 - 2016-05-28 00:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-16 22:20 - 2016-05-28 00:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-16 22:20 - 2016-05-28 00:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-16 22:20 - 2016-05-28 00:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-16 22:20 - 2016-05-28 00:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-16 22:20 - 2016-05-28 00:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-16 22:20 - 2016-05-28 00:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-16 22:20 - 2016-05-28 00:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-16 22:20 - 2016-05-28 00:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-16 22:20 - 2016-05-27 23:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-16 22:20 - 2016-05-27 23:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-16 22:20 - 2016-05-27 23:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-16 22:20 - 2016-05-27 23:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-16 22:20 - 2016-05-27 23:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-16 22:20 - 2016-05-27 23:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-16 22:20 - 2016-05-27 23:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-16 22:20 - 2016-05-27 23:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-16 22:20 - 2016-05-27 23:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-16 22:20 - 2016-05-27 23:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-16 22:20 - 2016-05-27 23:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-16 22:20 - 2016-05-27 23:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-16 22:20 - 2016-05-27 23:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-16 22:20 - 2016-05-27 23:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-16 22:20 - 2016-05-27 23:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-16 22:20 - 2016-05-27 23:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-16 22:20 - 2016-05-27 23:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-16 22:20 - 2016-05-27 23:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-16 22:20 - 2016-05-27 23:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-16 22:20 - 2016-05-27 23:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-16 22:20 - 2016-05-27 23:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-16 22:20 - 2016-05-27 23:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-16 22:20 - 2016-05-27 23:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-16 22:20 - 2016-05-27 23:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-16 22:20 - 2016-05-27 23:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-16 22:20 - 2016-05-27 23:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-16 22:20 - 2016-05-27 23:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-16 22:20 - 2016-05-27 23:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-16 22:20 - 2016-05-27 23:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-16 22:20 - 2016-05-27 23:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-16 22:20 - 2016-05-27 23:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-16 22:20 - 2016-05-27 23:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-16 22:20 - 2016-05-27 23:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-16 22:20 - 2016-05-27 23:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-16 22:20 - 2016-05-27 23:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-16 22:20 - 2016-05-27 23:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-16 22:20 - 2016-05-27 23:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-16 22:20 - 2016-05-27 23:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-16 22:20 - 2016-05-27 23:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-16 22:20 - 2016-05-27 23:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-16 22:20 - 2016-05-27 23:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-16 22:20 - 2016-05-27 22:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-16 22:20 - 2016-05-27 22:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-16 22:20 - 2016-05-27 22:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-16 22:19 - 2016-05-28 01:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-16 22:19 - 2016-05-28 01:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-16 22:19 - 2016-05-28 01:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-16 22:19 - 2016-05-28 00:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-16 22:19 - 2016-05-28 00:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-16 22:19 - 2016-05-28 00:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-16 22:19 - 2016-05-28 00:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-16 22:19 - 2016-05-28 00:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-16 22:19 - 2016-05-27 23:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-16 22:19 - 2016-05-27 23:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-16 22:19 - 2016-05-27 23:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-16 22:19 - 2016-05-27 23:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-16 22:19 - 2016-05-27 23:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-16 22:19 - 2016-05-27 23:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-16 22:19 - 2016-05-27 23:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-16 22:19 - 2016-05-27 23:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-16 22:19 - 2016-05-27 23:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-16 22:19 - 2016-05-27 23:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-16 22:19 - 2016-05-27 23:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-16 22:19 - 2016-05-27 23:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-16 22:19 - 2016-05-27 23:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-16 22:19 - 2016-05-27 23:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-16 22:19 - 2016-05-27 23:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-16 22:19 - 2016-05-27 23:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-16 22:19 - 2016-05-27 23:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-16 22:19 - 2016-05-27 23:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-16 22:19 - 2016-05-27 23:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-16 22:19 - 2016-05-27 23:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-16 22:19 - 2016-05-27 23:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-16 22:19 - 2016-05-27 23:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-16 22:19 - 2016-05-27 23:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-16 22:19 - 2016-05-27 23:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-16 22:19 - 2016-05-27 23:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-16 22:19 - 2016-05-27 23:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-16 22:19 - 2016-05-27 23:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-16 22:19 - 2016-05-27 23:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-16 22:19 - 2016-05-27 23:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-16 22:18 - 2016-05-28 01:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-16 22:18 - 2016-05-28 01:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-16 22:18 - 2016-05-28 01:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-16 22:18 - 2016-05-27 23:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-16 22:18 - 2016-05-27 23:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-16 22:18 - 2016-05-27 23:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-16 22:18 - 2016-05-27 23:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-16 22:18 - 2016-05-27 23:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-16 22:18 - 2016-05-27 23:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-16 22:18 - 2016-05-27 22:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-08 15:55 - 2016-06-08 15:55 - 00000291 _____ C:\Users\Steve\Desktop\CHASE CHECKING - chase.com.url
2016-06-08 15:16 - 2016-06-24 16:14 - 00000000 ____D C:\AdwCleaner
2016-06-08 15:14 - 2016-06-08 15:14 - 00000312 _____ C:\WINDOWS\system32\.crusader
2016-06-08 15:07 - 2016-06-08 15:14 - 00000000 ____D C:\ProgramData\HitmanPro
2016-06-08 14:50 - 2016-06-08 14:50 - 00000237 _____ C:\Users\Steve\Desktop\(1 unread) - brpapabear@bellsouth.net - att.net Mail.url
2016-06-08 14:34 - 2016-06-08 14:34 - 06893008 _____ (Piriform Ltd) C:\Users\Steve\Downloads\ccsetup518.exe
2016-06-08 14:33 - 2016-06-08 14:33 - 00000000 ____D C:\Users\Steve\AppData\Local\lptmp1779120508
2016-06-08 14:33 - 2016-06-08 14:33 - 00000000 ____D C:\Users\Steve\AppData\Local\lptmp1660658820
2016-06-07 17:19 - 2016-06-29 12:05 - 00000000 ____D C:\Users\Steve\AppData\LocalLow\Temp
2016-06-06 20:27 - 2016-06-06 20:27 - 00267557 _____ C:\Users\Steve\Desktop\Auth_Form-one-time-payment--CC__1_-signed.pdf
2016-06-06 16:26 - 2016-06-06 16:26 - 00000000 ____D C:\Users\Steve\Documents\Dom - 877-232-4686
2016-06-06 16:18 - 2016-06-18 11:31 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-06 16:18 - 2016-06-18 11:31 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-06 16:15 - 2016-06-08 14:33 - 00000000 ____D C:\Users\Steve\AppData\Local\lptmp
2016-06-06 16:15 - 2016-06-06 20:26 - 00000000 ____D C:\Users\Steve\AppData\LocalLow\LastPass
2016-06-06 16:13 - 2016-06-08 14:33 - 00000000 ____D C:\ProgramData\WRData
2016-06-06 16:05 - 2016-06-06 16:05 - 00000000 ____D C:\Users\Steve\AppData\Local\VS Revo Group
2016-06-06 16:05 - 2016-06-06 16:05 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-06-06 15:58 - 2016-06-08 14:29 - 00000000 ____D C:\Users\Steve\AppData\LocalLow\Adblock Plus for IE
2016-05-13 11:44 - 2016-05-13 11:44 - 02570624 _____ C:\Users\Steve\Downloads\Zom-B.azw3
2016-05-13 11:18 - 2016-04-22 23:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-13 11:18 - 2016-04-22 23:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-13 11:18 - 2016-04-22 23:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-13 11:18 - 2016-04-22 23:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-13 11:17 - 2016-05-05 23:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-13 11:17 - 2016-04-23 01:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-13 11:17 - 2016-04-23 01:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-13 11:17 - 2016-04-23 00:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-13 11:17 - 2016-04-23 00:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-13 11:17 - 2016-04-23 00:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-13 11:17 - 2016-04-23 00:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-13 11:17 - 2016-04-23 00:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-13 11:17 - 2016-04-23 00:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-13 11:17 - 2016-04-23 00:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-13 11:17 - 2016-04-23 00:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-13 11:17 - 2016-04-23 00:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-13 11:17 - 2016-04-23 00:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-13 11:17 - 2016-04-23 00:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-13 11:17 - 2016-04-23 00:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-13 11:17 - 2016-04-23 00:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-13 11:17 - 2016-04-23 00:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-13 11:17 - 2016-04-23 00:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-13 11:17 - 2016-04-23 00:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-13 11:17 - 2016-04-23 00:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-13 11:17 - 2016-04-23 00:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-13 11:17 - 2016-04-23 00:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-13 11:17 - 2016-04-23 00:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-13 11:17 - 2016-04-23 00:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-13 11:17 - 2016-04-23 00:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-13 11:17 - 2016-04-23 00:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-13 11:17 - 2016-04-23 00:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-13 11:17 - 2016-04-23 00:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-13 11:17 - 2016-04-23 00:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-13 11:17 - 2016-04-22 23:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-13 11:17 - 2016-04-22 23:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-13 11:17 - 2016-04-22 23:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-13 11:17 - 2016-04-22 23:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-13 11:17 - 2016-04-22 23:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-13 11:17 - 2016-04-22 23:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-13 11:17 - 2016-04-22 23:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-13 11:17 - 2016-04-22 23:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-13 11:17 - 2016-04-22 23:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-13 11:17 - 2016-04-22 23:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-13 11:17 - 2016-04-22 23:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-13 11:17 - 2016-04-22 23:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-13 11:17 - 2016-04-22 23:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-13 11:17 - 2016-04-22 23:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-13 11:17 - 2016-04-22 23:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-13 11:17 - 2016-04-22 23:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-13 11:17 - 2016-04-22 23:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-13 11:17 - 2016-04-22 23:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-13 11:17 - 2016-04-22 23:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-13 11:17 - 2016-04-22 23:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-13 11:17 - 2016-04-22 23:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-13 11:17 - 2016-04-22 23:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-13 11:17 - 2016-04-22 23:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-13 11:17 - 2016-04-22 23:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-13 11:17 - 2016-04-22 23:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-13 11:17 - 2016-04-22 23:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-13 11:17 - 2016-04-22 23:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-13 11:17 - 2016-04-22 23:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-13 11:17 - 2016-04-22 23:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-13 11:17 - 2016-04-22 23:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-13 11:17 - 2016-04-22 23:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-13 11:17 - 2016-04-22 23:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-13 11:17 - 2016-04-22 23:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-13 11:17 - 2016-04-22 23:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-13 11:17 - 2016-04-22 23:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-13 11:17 - 2016-04-22 23:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-13 11:17 - 2016-04-22 23:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-13 11:17 - 2016-04-22 23:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-13 11:17 - 2016-04-22 23:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-13 11:17 - 2016-04-22 23:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-13 11:17 - 2016-04-22 23:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-13 11:17 - 2016-04-22 23:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-13 11:17 - 2016-04-22 23:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-13 11:17 - 2016-04-22 23:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-13 11:17 - 2016-04-22 23:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-13 11:17 - 2016-04-22 23:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-13 11:17 - 2016-04-22 23:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-13 11:17 - 2016-04-22 21:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-13 11:16 - 2016-05-05 23:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-13 11:16 - 2016-05-05 23:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-13 11:16 - 2016-05-05 22:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-13 11:16 - 2016-05-05 22:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-13 11:16 - 2016-05-05 22:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-13 11:16 - 2016-05-05 22:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-13 11:16 - 2016-04-23 00:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-13 11:16 - 2016-04-23 00:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-13 11:16 - 2016-04-23 00:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-13 11:16 - 2016-04-23 00:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-13 11:16 - 2016-04-23 00:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-13 11:16 - 2016-04-23 00:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-13 11:16 - 2016-04-23 00:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-13 11:16 - 2016-04-23 00:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-13 11:16 - 2016-04-23 00:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-13 11:16 - 2016-04-23 00:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-13 11:16 - 2016-04-23 00:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-13 11:16 - 2016-04-23 00:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-13 11:16 - 2016-04-23 00:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-13 11:16 - 2016-04-23 00:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-13 11:16 - 2016-04-23 00:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-13 11:16 - 2016-04-23 00:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-13 11:16 - 2016-04-22 23:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-13 11:16 - 2016-04-22 23:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-13 11:16 - 2016-04-22 23:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-13 11:16 - 2016-04-22 23:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-13 11:16 - 2016-04-22 23:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-13 11:16 - 2016-04-22 23:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-13 11:16 - 2016-04-22 23:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-13 11:16 - 2016-04-22 23:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-13 11:16 - 2016-04-22 23:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-13 11:16 - 2016-04-22 23:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-13 11:16 - 2016-04-22 23:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-13 11:16 - 2016-04-22 23:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-13 11:16 - 2016-04-22 23:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-13 11:16 - 2016-04-22 23:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-13 11:16 - 2016-04-22 23:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-13 11:16 - 2016-04-22 23:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-13 11:16 - 2016-04-22 23:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-13 11:16 - 2016-04-22 23:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-13 11:16 - 2016-04-22 23:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-13 11:16 - 2016-04-22 23:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-13 11:16 - 2016-04-22 23:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-13 11:16 - 2016-04-22 23:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-13 11:16 - 2016-04-22 23:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-13 11:16 - 2016-04-22 23:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-13 11:16 - 2016-04-22 23:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-13 11:16 - 2016-04-22 23:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-13 11:16 - 2016-04-22 23:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-13 11:16 - 2016-04-22 23:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-13 11:16 - 2016-04-22 23:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-13 11:16 - 2016-04-22 23:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-13 11:16 - 2016-04-22 23:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-13 11:16 - 2016-04-22 23:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-13 11:16 - 2016-04-22 23:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-13 11:16 - 2016-04-22 23:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-13 11:16 - 2016-04-22 23:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-13 11:16 - 2016-04-22 23:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-13 11:16 - 2016-04-22 22:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-13 11:16 - 2016-04-22 21:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-13 11:16 - 2016-04-18 17:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-04 21:03 - 2016-05-04 21:08 - 00320412 _____ C:\Users\Steve\Downloads\20160429093659418 (1).pdf
2016-05-04 21:03 - 2016-05-04 21:03 - 00320412 _____ C:\Users\Steve\Downloads\20160429093659418.pdf
2016-04-18 13:59 - 2016-04-18 13:59 - 00746724 _____ C:\Users\Steve\Downloads\Kingdom of Ashes.azw3
2016-04-18 12:58 - 2016-04-18 12:58 - 00746724 _____ C:\Users\Steve\Downloads\Kingdom of Ashes (5).azw3
2016-04-18 12:57 - 2016-04-18 12:57 - 00746724 _____ C:\Users\Steve\Downloads\Kingdom of Ashes (2).azw3
2016-04-18 12:51 - 2016-03-29 05:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-18 12:51 - 2016-03-29 05:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-18 12:51 - 2016-03-29 04:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-18 12:51 - 2016-03-29 02:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-18 12:51 - 2016-03-29 02:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-18 12:51 - 2016-03-29 02:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-18 12:51 - 2016-03-29 02:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-18 12:51 - 2016-03-29 02:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-18 12:51 - 2016-03-29 01:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-18 12:50 - 2016-04-01 23:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-18 12:50 - 2016-04-01 22:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-18 12:50 - 2016-03-29 05:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-18 12:50 - 2016-03-29 05:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-18 12:50 - 2016-03-29 05:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-18 12:50 - 2016-03-29 05:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-18 12:50 - 2016-03-29 05:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-18 12:50 - 2016-03-29 05:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-18 12:50 - 2016-03-29 05:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-18 12:50 - 2016-03-29 05:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-18 12:50 - 2016-03-29 04:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-18 12:50 - 2016-03-29 04:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-18 12:50 - 2016-03-29 04:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-18 12:50 - 2016-03-29 04:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-18 12:50 - 2016-03-29 04:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-18 12:50 - 2016-03-29 04:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-18 12:50 - 2016-03-29 03:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-18 12:50 - 2016-03-29 03:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-18 12:50 - 2016-03-29 03:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-18 12:50 - 2016-03-29 03:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-18 12:50 - 2016-03-29 03:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-18 12:50 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-18 12:50 - 2016-03-29 02:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-18 12:50 - 2016-03-29 02:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-18 12:50 - 2016-03-29 02:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-18 12:50 - 2016-03-29 02:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-18 12:50 - 2016-03-29 02:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-18 12:50 - 2016-03-29 02:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-18 12:50 - 2016-03-29 02:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-18 12:50 - 2016-03-29 02:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-18 12:50 - 2016-03-29 02:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-18 12:50 - 2016-03-29 02:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32
netride
Active Member
 
Posts: 9
Joined: June 25th, 2016, 6:47 pm

Re: Browser Hijack. Help!!

Unread postby netride » June 30th, 2016, 10:13 am

2nd PART OF FRST.TXT BELOW:
\Windows.Security.Authentication.Web.Core.dll
2016-04-18 12:50 - 2016-03-29 02:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-18 12:50 - 2016-03-29 02:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-18 12:50 - 2016-03-29 02:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-18 12:50 - 2016-03-29 02:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-18 12:50 - 2016-03-29 02:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-18 12:50 - 2016-03-29 02:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-18 12:50 - 2016-03-29 02:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-18 12:50 - 2016-03-29 02:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-18 12:50 - 2016-03-29 02:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-18 12:50 - 2016-03-29 02:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-18 12:50 - 2016-03-29 02:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-18 12:50 - 2016-03-29 01:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-18 12:50 - 2016-03-29 01:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-18 12:50 - 2016-03-29 01:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-18 12:50 - 2016-03-29 01:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-18 12:50 - 2016-03-29 01:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-18 12:50 - 2016-03-29 01:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-18 12:50 - 2016-03-29 01:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-18 12:50 - 2016-03-29 01:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-18 12:50 - 2016-03-29 01:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-18 12:50 - 2016-03-29 01:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-18 12:50 - 2016-03-29 01:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-18 12:50 - 2016-03-29 01:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-18 12:50 - 2016-03-29 01:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-18 12:50 - 2016-03-29 01:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-18 12:50 - 2016-03-29 01:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-18 12:50 - 2016-03-29 01:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-18 12:50 - 2016-03-29 01:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-18 12:50 - 2016-03-29 01:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-18 12:50 - 2016-03-29 01:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-18 12:50 - 2016-03-29 01:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-18 12:50 - 2016-03-29 01:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-18 12:50 - 2016-03-29 01:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-18 12:50 - 2016-03-29 01:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-18 12:50 - 2016-03-29 01:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-18 12:50 - 2016-03-29 01:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-18 12:50 - 2016-03-29 01:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-18 12:50 - 2016-03-29 00:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-18 12:50 - 2016-03-29 00:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-18 12:50 - 2016-03-29 00:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-18 12:50 - 2016-03-29 00:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-18 12:50 - 2016-03-29 00:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-18 12:50 - 2016-03-29 00:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-18 12:50 - 2016-03-29 00:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-18 12:50 - 2016-03-29 00:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-18 12:49 - 2016-04-01 23:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-18 12:49 - 2016-04-01 23:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-18 12:49 - 2016-04-01 22:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-18 12:49 - 2016-04-01 22:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-18 12:49 - 2016-03-29 05:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-18 12:49 - 2016-03-29 05:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-18 12:49 - 2016-03-29 04:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-18 12:49 - 2016-03-29 04:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-18 12:49 - 2016-03-29 04:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-18 12:49 - 2016-03-29 04:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-18 12:49 - 2016-03-29 04:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-18 12:49 - 2016-03-29 04:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-18 12:49 - 2016-03-29 03:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-18 12:49 - 2016-03-29 03:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-18 12:49 - 2016-03-29 03:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-18 12:49 - 2016-03-29 03:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-18 12:49 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-18 12:49 - 2016-03-29 03:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-18 12:49 - 2016-03-29 03:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-18 12:49 - 2016-03-29 03:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-18 12:49 - 2016-03-29 03:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-18 12:49 - 2016-03-29 03:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-18 12:49 - 2016-03-29 02:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-18 12:49 - 2016-03-29 02:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-18 12:49 - 2016-03-29 02:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-18 12:49 - 2016-03-29 02:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-18 12:49 - 2016-03-29 02:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-18 12:49 - 2016-03-29 02:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-18 12:49 - 2016-03-29 02:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-18 12:49 - 2016-03-29 02:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-18 12:49 - 2016-03-29 02:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-18 12:49 - 2016-03-29 02:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-18 12:49 - 2016-03-29 02:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-18 12:49 - 2016-03-29 02:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-18 12:49 - 2016-03-29 02:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-18 12:49 - 2016-03-29 02:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-18 12:49 - 2016-03-29 02:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-18 12:49 - 2016-03-29 02:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-18 12:49 - 2016-03-29 02:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-18 12:49 - 2016-03-29 02:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-18 12:49 - 2016-03-29 02:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-18 12:49 - 2016-03-29 02:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-18 12:49 - 2016-03-29 02:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-18 12:49 - 2016-03-29 02:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-18 12:49 - 2016-03-29 02:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-18 12:49 - 2016-03-29 02:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-18 12:49 - 2016-03-29 02:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-18 12:49 - 2016-03-29 02:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-18 12:49 - 2016-03-29 02:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-18 12:49 - 2016-03-29 02:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-18 12:49 - 2016-03-29 02:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-18 12:49 - 2016-03-29 02:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-18 12:49 - 2016-03-29 02:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-18 12:49 - 2016-03-29 02:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-18 12:49 - 2016-03-29 02:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-18 12:49 - 2016-03-29 02:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-18 12:49 - 2016-03-29 02:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-18 12:49 - 2016-03-29 02:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-18 12:49 - 2016-03-29 02:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-18 12:49 - 2016-03-29 02:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-18 12:49 - 2016-03-29 01:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-18 12:49 - 2016-03-29 01:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-18 12:49 - 2016-03-29 01:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-18 12:49 - 2016-03-29 01:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-18 12:49 - 2016-03-29 01:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-18 12:49 - 2016-03-29 01:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-18 12:49 - 2016-03-29 01:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-18 12:49 - 2016-03-29 01:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-18 12:49 - 2016-03-29 01:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-18 12:49 - 2016-03-29 01:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-18 12:49 - 2016-03-29 01:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-18 12:49 - 2016-03-29 01:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-18 12:49 - 2016-03-29 01:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-18 12:49 - 2016-03-29 01:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-18 12:49 - 2016-03-29 00:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-18 12:49 - 2016-03-29 00:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-18 12:49 - 2016-03-29 00:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-18 12:49 - 2016-03-29 00:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-18 12:49 - 2016-03-29 00:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-18 12:49 - 2016-03-29 00:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-09 11:20 - 2016-04-09 11:20 - 00002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-04-09 11:20 - 2016-04-09 11:20 - 00000000 ____D C:\Users\Steve\AppData\LocalLow\Google
2016-04-09 11:19 - 2016-04-09 11:19 - 00987728 _____ (Google Inc.) C:\Users\Steve\Downloads\GoogleEarthSetup.exe
2016-04-06 12:30 - 2016-04-06 12:30 - 03836976 _____ (Oleg N. Scherbakov) C:\Users\Steve\Downloads\HPSupportSolutionsFramework-12.3.11.29.exe
2016-04-06 12:03 - 2016-04-07 12:55 - 00001601 _____ C:\Users\Steve\Desktop\Microsoft Edge.lnk
2016-04-06 11:54 - 2016-04-06 11:54 - 00103984 _____ C:\Users\Steve\Downloads\AutoIDCards (1).pdf
2016-04-06 11:37 - 2016-04-06 11:37 - 00000000 ___HD C:\ProgramData\CanonIJFAX
2016-04-06 11:37 - 2016-04-06 11:37 - 00000000 ___HD C:\Program Files\CanonBJ
2016-04-06 11:37 - 2016-04-06 11:37 - 00000000 ____D C:\WINDOWS\SysWOW64\STRING
2016-04-06 11:33 - 2016-04-06 11:33 - 00000000 ___HD C:\ProgramData\CanonIJETV
2016-04-06 11:32 - 2016-02-23 05:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-06 11:32 - 2016-02-23 04:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-06 11:31 - 2016-02-24 04:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-06 11:31 - 2016-02-24 01:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-06 11:31 - 2016-02-24 00:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-04-06 11:31 - 2016-02-24 00:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-06 11:31 - 2016-02-23 05:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-06 11:31 - 2016-02-23 05:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-06 11:31 - 2016-02-23 05:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-06 11:31 - 2016-02-23 05:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-06 11:31 - 2016-02-23 04:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-06 11:31 - 2016-02-23 04:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-06 11:31 - 2016-02-23 04:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-06 11:31 - 2016-02-23 04:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-06 11:31 - 2016-02-23 04:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-06 11:31 - 2016-02-23 04:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-06 11:31 - 2016-02-23 03:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-06 11:31 - 2016-02-23 03:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-06 11:31 - 2016-02-23 03:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-06 11:31 - 2016-02-23 02:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-06 11:31 - 2016-02-23 01:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-06 11:31 - 2016-02-23 01:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-06 11:31 - 2016-02-23 01:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-06 11:31 - 2016-02-23 01:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-06 11:31 - 2016-02-23 01:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-06 11:31 - 2016-01-27 00:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-04-06 11:31 - 2016-01-27 00:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-04-06 11:31 - 2016-01-16 01:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-04-06 11:31 - 2016-01-16 00:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-04-06 11:30 - 2016-03-01 00:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-06 11:30 - 2016-03-01 00:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-06 11:30 - 2016-02-24 04:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-06 11:30 - 2016-02-24 03:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-06 11:30 - 2016-02-24 03:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-06 11:30 - 2016-02-24 03:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-06 11:30 - 2016-02-24 03:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-04-06 11:30 - 2016-02-24 03:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-06 11:30 - 2016-02-24 03:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-06 11:30 - 2016-02-24 03:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-06 11:30 - 2016-02-24 02:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-06 11:30 - 2016-02-24 02:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-04-06 11:30 - 2016-02-24 02:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-06 11:30 - 2016-02-24 02:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-06 11:30 - 2016-02-24 02:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-06 11:30 - 2016-02-24 02:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-06 11:30 - 2016-02-24 02:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-06 11:30 - 2016-02-24 02:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-06 11:30 - 2016-02-24 02:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-06 11:30 - 2016-02-24 01:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-06 11:30 - 2016-02-24 01:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-06 11:30 - 2016-02-24 01:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-06 11:30 - 2016-02-24 01:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-06 11:30 - 2016-02-24 01:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-06 11:30 - 2016-02-24 01:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-06 11:30 - 2016-02-24 01:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-06 11:30 - 2016-02-24 01:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-06 11:30 - 2016-02-24 01:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-06 11:30 - 2016-02-24 01:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-06 11:30 - 2016-02-24 01:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-06 11:30 - 2016-02-24 01:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-06 11:30 - 2016-02-24 01:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-06 11:30 - 2016-02-24 01:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-06 11:30 - 2016-02-24 01:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-06 11:30 - 2016-02-24 01:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-06 11:30 - 2016-02-24 01:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-06 11:30 - 2016-02-24 01:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-06 11:30 - 2016-02-24 01:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-06 11:30 - 2016-02-24 01:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-06 11:30 - 2016-02-24 01:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-06 11:30 - 2016-02-24 01:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-06 11:30 - 2016-02-24 01:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-06 11:30 - 2016-02-24 01:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-06 11:30 - 2016-02-24 01:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-06 11:30 - 2016-02-24 01:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-06 11:30 - 2016-02-24 01:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-06 11:30 - 2016-02-24 01:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-06 11:30 - 2016-02-24 00:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-06 11:30 - 2016-02-23 06:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-06 11:30 - 2016-02-23 06:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-06 11:30 - 2016-02-23 05:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-06 11:30 - 2016-02-23 05:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-06 11:30 - 2016-02-23 05:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-06 11:30 - 2016-02-23 05:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-06 11:30 - 2016-02-23 05:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-06 11:30 - 2016-02-23 05:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-06 11:30 - 2016-02-23 04:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-06 11:30 - 2016-02-23 04:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-06 11:30 - 2016-02-23 04:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-06 11:30 - 2016-02-23 04:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-06 11:30 - 2016-02-23 04:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-06 11:30 - 2016-02-23 04:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-06 11:30 - 2016-02-23 04:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-06 11:30 - 2016-02-23 03:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-06 11:30 - 2016-02-23 03:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-06 11:30 - 2016-02-23 03:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-06 11:30 - 2016-02-23 03:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-06 11:30 - 2016-02-23 03:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-06 11:30 - 2016-02-23 03:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-06 11:30 - 2016-02-23 03:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-06 11:30 - 2016-02-23 03:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-06 11:30 - 2016-02-23 03:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-06 11:30 - 2016-02-23 03:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-06 11:30 - 2016-02-23 03:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-06 11:30 - 2016-02-23 03:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-06 11:30 - 2016-02-23 03:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-06 11:30 - 2016-02-23 03:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-06 11:30 - 2016-02-23 03:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-06 11:30 - 2016-02-23 03:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-06 11:30 - 2016-02-23 03:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-06 11:30 - 2016-02-23 03:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-06 11:30 - 2016-02-23 03:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-06 11:30 - 2016-02-23 03:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-06 11:30 - 2016-02-23 03:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-06 11:30 - 2016-02-23 03:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-06 11:30 - 2016-02-23 03:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-06 11:30 - 2016-02-23 03:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-06 11:30 - 2016-02-23 02:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-06 11:30 - 2016-02-23 02:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-06 11:30 - 2016-02-23 02:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-06 11:30 - 2016-02-23 02:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-06 11:30 - 2016-02-23 02:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-06 11:30 - 2016-02-23 02:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-06 11:30 - 2016-02-23 02:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-06 11:30 - 2016-02-23 02:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-06 11:30 - 2016-02-23 02:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-06 11:30 - 2016-02-23 02:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-06 11:30 - 2016-02-23 02:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-04-06 11:30 - 2016-02-23 02:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-06 11:30 - 2016-02-23 02:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-06 11:30 - 2016-02-23 02:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-06 11:30 - 2016-02-08 22:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-06 11:30 - 2016-02-08 22:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-06 11:30 - 2016-01-27 00:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-04-06 11:30 - 2016-01-27 00:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-04-06 11:30 - 2016-01-27 00:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-04-06 11:30 - 2016-01-27 00:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-04-06 11:30 - 2016-01-27 00:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-04-06 11:30 - 2016-01-27 00:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-04-06 11:30 - 2016-01-26 23:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-04-06 11:30 - 2016-01-26 23:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-04-06 11:30 - 2016-01-16 01:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-04-06 11:30 - 2016-01-16 01:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-04-06 11:30 - 2016-01-16 01:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-04-06 11:30 - 2016-01-16 01:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-04-06 11:30 - 2016-01-16 01:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-04-06 11:30 - 2016-01-16 01:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-04-06 11:30 - 2016-01-16 01:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-04-06 11:30 - 2016-01-16 01:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-04-06 11:30 - 2016-01-16 01:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-04-06 11:30 - 2016-01-16 00:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-04-06 11:30 - 2016-01-16 00:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-04-06 11:30 - 2016-01-16 00:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-04-06 11:30 - 2016-01-16 00:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-04-06 11:30 - 2016-01-16 00:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-04-06 11:30 - 2016-01-16 00:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-04-06 11:30 - 2016-01-16 00:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-04-06 11:30 - 2016-01-16 00:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-04-06 11:30 - 2016-01-16 00:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-04-06 11:30 - 2016-01-16 00:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-04-06 11:30 - 2016-01-16 00:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-04-06 11:30 - 2016-01-16 00:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-04-06 11:30 - 2016-01-16 00:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-04-06 11:30 - 2016-01-16 00:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-04-06 11:30 - 2016-01-16 00:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-04-06 11:30 - 2016-01-16 00:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-04-06 11:30 - 2016-01-16 00:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-04-06 11:30 - 2016-01-16 00:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-04-06 11:30 - 2016-01-16 00:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-04-06 11:30 - 2016-01-16 00:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-04-06 11:30 - 2016-01-16 00:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-04-06 11:30 - 2016-01-16 00:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-04-06 11:30 - 2016-01-16 00:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-04-06 11:30 - 2016-01-16 00:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-04-06 11:30 - 2016-01-16 00:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-04-06 11:30 - 2016-01-16 00:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-04-06 11:29 - 2016-02-24 03:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-06 11:29 - 2016-02-24 02:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-06 11:29 - 2016-02-24 02:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-06 11:29 - 2016-02-24 02:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-06 11:29 - 2016-02-24 02:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-06 11:29 - 2016-02-24 02:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-06 11:29 - 2016-02-24 02:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-06 11:29 - 2016-02-24 02:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-06 11:29 - 2016-02-24 02:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-06 11:29 - 2016-02-24 02:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-06 11:29 - 2016-02-24 02:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-06 11:29 - 2016-02-24 02:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-06 11:29 - 2016-02-24 02:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-06 11:29 - 2016-02-24 02:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-06 11:29 - 2016-02-24 02:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-06 11:29 - 2016-02-24 02:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-06 11:29 - 2016-02-24 02:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-06 11:29 - 2016-02-24 02:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-06 11:29 - 2016-02-24 02:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-06 11:29 - 2016-02-24 02:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-06 11:29 - 2016-02-24 01:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-06 11:29 - 2016-02-24 01:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-06 11:29 - 2016-02-24 01:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-06 11:29 - 2016-02-24 01:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-06 11:29 - 2016-02-24 01:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-06 11:29 - 2016-02-24 01:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-06 11:29 - 2016-02-24 01:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-06 11:29 - 2016-02-24 01:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-06 11:29 - 2016-02-24 01:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-06 11:29 - 2016-02-24 01:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-06 11:29 - 2016-02-24 01:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-06 11:29 - 2016-02-24 01:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-06 11:29 - 2016-02-24 01:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-06 11:29 - 2016-02-24 01:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-06 11:29 - 2016-02-24 01:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-06 11:29 - 2016-02-24 01:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-06 11:29 - 2016-02-24 01:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-06 11:29 - 2016-02-24 01:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-06 11:29 - 2016-02-24 01:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-04-06 11:29 - 2016-02-24 01:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-06 11:29 - 2016-02-24 01:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-04-06 11:29 - 2016-02-24 00:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-06 11:29 - 2016-02-23 04:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-06 11:29 - 2016-02-23 04:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-06 11:29 - 2016-02-23 04:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-06 11:29 - 2016-02-23 04:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-06 11:29 - 2016-02-23 04:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-06 11:29 - 2016-02-23 03:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-06 11:29 - 2016-02-23 03:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-06 11:29 - 2016-02-23 03:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-06 11:29 - 2016-02-23 03:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-06 11:29 - 2016-02-23 02:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-06 11:29 - 2016-01-27 00:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-04-06 11:29 - 2016-01-27 00:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-04-06 11:29 - 2016-01-27 00:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-04-06 11:29 - 2016-01-27 00:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-04-06 11:29 - 2016-01-27 00:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-04-06 11:29 - 2016-01-26 23:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-04-06 11:29 - 2016-01-26 23:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-04-06 11:29 - 2016-01-26 23:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-04-06 11:29 - 2016-01-16 01:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-04-06 11:29 - 2016-01-16 00:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-04-06 11:29 - 2016-01-16 00:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-04-06 11:29 - 2016-01-16 00:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-04-06 11:29 - 2016-01-16 00:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-04-06 11:29 - 2016-01-16 00:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-04-06 11:29 - 2016-01-16 00:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-04-06 11:29 - 2016-01-16 00:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-04-06 11:29 - 2016-01-16 00:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-04-06 11:29 - 2016-01-16 00:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-04-06 11:29 - 2016-01-16 00:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-04-06 11:29 - 2016-01-16 00:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-04-06 11:29 - 2016-01-16 00:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-04-06 11:29 - 2016-01-16 00:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-04-06 11:29 - 2016-01-16 00:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-04-06 11:29 - 2016-01-16 00:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-04-06 11:25 - 2016-04-06 11:26 - 27438680 _____ C:\Users\Steve\Downloads\mast-win-mx920-1_0-ucd.exe
2016-04-06 11:18 - 2016-04-06 11:18 - 00000183 _____ C:\Users\Steve\Desktop\Bing.url
2016-04-06 10:59 - 2016-04-06 10:59 - 00000146 _____ C:\Users\Steve\Desktop\Windows Defender - Shortcut.lnk
2016-04-06 10:53 - 2016-04-06 10:53 - 06868672 _____ (Piriform Ltd) C:\Users\Steve\Downloads\ccsetup516.exe
2016-04-06 10:53 - 2016-04-06 10:53 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-04-06 10:53 - 2016-04-06 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-06 10:53 - 2016-04-06 10:53 - 00000000 ____D C:\Program Files\CCleaner
2016-04-06 10:17 - 2016-06-29 12:22 - 00000000 ____D C:\COMPUTER DOCTORx
2016-04-01 17:05 - 2016-04-01 17:06 - 00395988 _____ C:\Users\Steve\Downloads\No More Bull!_ The Mad Cowboy Targets America's Worst Enemy_ Our Diet.azw3==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-30 03:59 - 2015-11-12 12:08 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{96C282A4-1221-4739-9842-9910CF97F17C}
2016-06-29 23:41 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-29 22:44 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-29 19:17 - 2015-12-17 05:09 - 00972104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-29 19:17 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-29 12:08 - 2015-10-06 19:25 - 01410528 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2016-06-29 12:07 - 2015-12-17 05:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-29 12:06 - 2015-12-17 05:05 - 00065536 _____ C:\WINDOWS\psp_storage.bin
2016-06-29 12:06 - 2015-10-30 01:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-25 17:46 - 2015-12-17 05:09 - 00000000 ____D C:\Users\Steve
2016-06-25 17:39 - 2015-12-17 05:05 - 00000000 ____D C:\Program Files\AMD
2016-06-25 17:39 - 2015-12-07 15:56 - 00000000 ____D C:\ProgramData\AMD
2016-06-25 17:39 - 2015-10-06 18:55 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-06-25 17:34 - 2015-07-13 11:28 - 00000000 ____D C:\SWSetup
2016-06-25 17:14 - 2015-12-17 05:06 - 00012321 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2016-06-25 17:14 - 2015-12-17 05:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2016-06-25 17:14 - 2015-12-17 05:05 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-06-25 17:14 - 2015-10-06 18:54 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-06-21 11:32 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-21 11:30 - 2015-10-06 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-20 10:01 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-18 11:34 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 12:21 - 2015-07-16 01:05 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-17 12:19 - 2015-12-17 05:01 - 00241712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-17 12:17 - 2015-10-30 02:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-17 12:17 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-17 12:17 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-17 08:54 - 2015-11-06 15:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-17 08:50 - 2015-11-06 15:50 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-15 15:40 - 2015-11-06 15:57 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-14 13:33 - 2015-10-30 02:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 13:33 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-06 16:18 - 2016-02-20 18:32 - 00000000 ____D C:\Users\Steve\AppData\Local\Google
2016-06-06 16:18 - 2016-02-20 18:32 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-06 13:05 - 2016-02-20 20:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-01 17:07 - 2015-11-07 14:06 - 00002488 _____ C:\Users\Steve\Desktop\Word 2016.lnk

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-23 18:51

==================== End of FRST.txt ============================
netride
Active Member
 
Posts: 9
Joined: June 25th, 2016, 6:47 pm

Re: Browser Hijack. Help!!

Unread postby pgmigg » July 1st, 2016, 12:41 am

Hello netride,

Everything went fine. So far the Hijacker has not returned.
Your latest scans are clean. Before I will ask you to run a few final procedures please test all your browsers and let me know how all are working now in your next replay.
Please test your Chrome browser carefully.

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3184
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Browser Hijack. Help!!

Unread postby netride » July 1st, 2016, 11:44 am

Chrome, IE11 and Edge are working perfectly. I am leaving to go out of town so I will not be in contact with you until I return next Friday, Thank you for all of your help!!!
netride
Active Member
 
Posts: 9
Joined: June 25th, 2016, 6:47 pm

Re: Browser Hijack. Help!!

Unread postby pgmigg » July 1st, 2016, 12:06 pm

Hello netride,

Chrome, IE11 and Edge are working perfectly.
Nice news! :D

Your latest set of logs appear to be clean! :cheers:
This is my general post for when your logs show no more signs of malware.
Before I give you instructions how to keep your computer clean and secure, you need to make a few additional steps.

Step 1.
Please download delfix and save it to your desktop.
  1. Right-click on delfix.exe and select "Run as administrator"to run it.
  2. Check the following boxes then click on Run.
    1. Activate UAC
    2. Remove disinfection tools
    3. Create registry backup
    4. Reset system settings
  3. All tools we used to clean your computer should be gone now.
  4. You can now delete any tools/logs we used if they remain on your computer.

Then:
  • Please don't forget to enable and update all your defense software!

Finally:
Please click HERE to find a short guide to staying safer online.

Please don't hesitate to ask any additional questions.

Stay Safe! ;)
pgmigg
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3184
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Browser Hijack. Help!!

Unread postby NonSuch » July 13th, 2016, 4:21 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27302
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 28 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware