Received a warning from your program to contact you immediately

[Momadice 0]

I received a warning about an infection from your program that said I needed to contact you as experts in order to safely remove it.  Some kind of kernal infection.  My computer crashed while trying to prepare the pre logs you describe you want and I lost the screen shot.

 

 

[Momadice 0]

Emsisoft Emergency Kit - Version 10.0
Last update: 2015-10-08 1:28:13 AM
User account: DESKTOP-3HVNCRU\Cindy

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:    2015-10-08 12:23:23 PM

Scanned    71708
Found    0

Scan end:    2015-10-08 12:26:55 PM
Scan time:    0:03:32
 

[Momadice 0]

This is the file highlighted as bad:

 

2015-10-07 11:43:06 PM    2272    C:\Windows\System32\RuntimeBroker.exe    Undefined event (0)    Behavior.HiddenInstallation  

[Elise 277]

Hello,

This is most likely a false-positive detection. Can you please upload that file to http://www.virustotal.comand post the link to the scan results here or attach a zipped copy to your next reply?

[Momadice 0]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-10-2015
Ran by Cindy (administrator) on DESKTOP-3HVNCRU (08-10-2015 12:34:00)
Running from C:\Users\Cindy\Desktop
Loaded Profiles: Cindy (Available Profiles: Cindy)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1509.5010.0_x64__8wekyb3d8bbwe\Time.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Emsisoft Ltd) C:\EEK\bin\a2emergencykit.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [ZALFree] => C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe [8205944 2014-12-30] (Zemana Ltd.)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [5836888 2015-10-01] (Emsisoft Ltd)
HKU\S-1-5-21-289153866-87266423-1255115157-1001\...\MountPoints2: {ac1e0586-61df-11e5-9bc2-806e6f6e6963} - "F:\start.exe" E
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KE6D28~1.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll [94664 2014-12-30] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll [86400 2014-12-30] (Zemana Ltd.)
ShellExecuteHooks-x32:  - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} =>  No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} =>  No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} =>  No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} =>  No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} =>  No File
AlternateShell:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{98dbb979-e4b1-4878-a216-6478374c855b}: [DhcpNameServer] 10.0.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-289153866-87266423-1255115157-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/

FireFox:
========
FF ProfilePath: C:\Users\Cindy\AppData\Roaming\Mozilla\Firefox\Profiles\te3pdqei.default
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Extension: WOT - C:\Users\Cindy\AppData\Roaming\Mozilla\Firefox\Profiles\te3pdqei.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-09-29]
FF Extension: Adblock Plus - C:\Users\Cindy\AppData\Roaming\Mozilla\Firefox\Profiles\te3pdqei.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [7084784 2015-10-01] (Emsisoft Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60432 2015-09-23] (Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S4 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12326768 2015-08-30] (Zemana Ltd.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101104 2015-09-23] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [82672 2015-09-23] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [277240 2015-09-23] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-23] (Advanced Micro Devices)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R1 epp64; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp64.sys [138504 2015-10-01] (Emsisoft GmbH)
S4 fwndis; C:\Windows\system32\DRIVERS\fwndis64.sys [494856 2015-09-23] ()
R1 FWNDIS_LWF; C:\Windows\system32\DRIVERS\fwndislwf64.sys [305360 2015-09-23] ()
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-30] (Zemana Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-10-06] ()
S4 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [109432 2015-10-06] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [109432 2015-10-06] (Zemana Ltd.)
S4 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-08 12:34 - 2015-10-08 12:34 - 00008241 _____ C:\Users\Cindy\Desktop\FRST.txt
2015-10-08 12:34 - 2015-10-08 12:34 - 00001854 _____ C:\Users\Cindy\Desktop\BB_151008-123453.txt
2015-10-08 12:33 - 2015-10-08 12:34 - 00000000 ____D C:\FRST
2015-10-08 12:26 - 2015-10-08 12:32 - 02193920 _____ (Farbar) C:\Users\Cindy\Desktop\FRST64.exe
2015-10-08 11:53 - 2015-10-08 11:53 - 00227155 ____T C:\Users\Cindy\Desktop\V Singh Professional Corporation Thank You 8th October 2015.prn
2015-10-08 10:58 - 2015-10-08 10:58 - 00016148 _____ C:\Windows\system32\DESKTOP-3HVNCRU_Cindy_HistoryPrediction.bin
2015-10-08 00:30 - 2015-10-08 12:23 - 00000784 _____ C:\Users\Cindy\Desktop\Start Emsisoft Emergency Kit.lnk
2015-10-08 00:30 - 2015-10-08 12:22 - 00000000 ____D C:\EEK
2015-10-08 00:25 - 2015-10-08 00:25 - 00057097 _____ C:\Users\Cindy\Desktop\farbar d+RKocGz.htm
2015-10-07 23:55 - 2015-10-08 00:13 - 167922144 _____ C:\Users\Cindy\Downloads\EmsisoftEmergencyKit.exe
2015-10-07 21:08 - 2015-10-07 21:08 - 00021870 ____H C:\Users\Cindy\Desktop\~WRL2571.tmp
2015-10-07 10:31 - 2015-10-07 10:31 - 00000796 _____ C:\Windows\setupact.log
2015-10-07 10:31 - 2015-10-07 10:31 - 00000000 _____ C:\Windows\setuperr.log
2015-10-06 20:11 - 2015-10-08 11:51 - 00000275 _____ C:\Windows\WindowsUpdate.log
2015-10-06 19:55 - 2015-10-06 19:56 - 00031412 _____ C:\Users\Cindy\Documents\cc_20151006_195555.reg
2015-10-06 18:48 - 2015-10-06 18:48 - 00000598 _____ C:\Users\Cindy\Desktop\JRT.txt
2015-10-06 12:17 - 2015-10-06 12:17 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-06 10:16 - 2015-10-06 10:16 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-06 10:16 - 2015-10-06 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-06 10:15 - 2015-10-06 10:16 - 00000000 ____D C:\Program Files\iTunes
2015-10-06 10:15 - 2015-10-06 10:15 - 00000000 ____D C:\Program Files\iPod
2015-10-06 10:15 - 2015-10-06 10:15 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-10-06 10:13 - 2015-10-06 10:13 - 00000000 ____D C:\Program Files\Bonjour
2015-10-06 10:13 - 2015-10-06 10:13 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-10-06 10:12 - 2015-10-06 10:12 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-10-06 10:12 - 2015-10-06 10:12 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-10-06 09:58 - 2015-10-06 09:59 - 00000000 ____D C:\Users\Cindy\AppData\Roaming\Apple Computer
2015-10-06 09:58 - 2015-10-06 09:58 - 00000000 ____D C:\Users\Cindy\AppData\Local\Apple Computer
2015-10-06 09:57 - 2015-10-06 10:12 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-06 09:57 - 2015-10-06 09:57 - 00000000 ____D C:\Users\Cindy\AppData\Local\Apple
2015-10-06 09:57 - 2015-10-06 09:57 - 00000000 ____D C:\ProgramData\Apple Computer
2015-10-06 09:56 - 2015-10-06 10:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-06 09:56 - 2015-10-06 09:57 - 00000000 ____D C:\ProgramData\Apple
2015-10-06 05:01 - 2015-10-06 05:01 - 00083939 _____ C:\Users\Cindy\Downloads\sgd_s-BR2_E.brl
2015-10-06 04:50 - 2015-10-06 04:51 - 04383777 _____ C:\Users\Cindy\Downloads\tdsskiller (1).zip
2015-10-04 00:45 - 2015-10-04 00:45 - 00001409 _____ C:\Users\Cindy\Desktop\Watchtower Library 2013 - English.lnk
2015-10-04 00:45 - 2015-10-04 00:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2013
2015-10-04 00:45 - 2015-10-04 00:45 - 00000000 ____D C:\Program Files (x86)\Watchtower
2015-10-03 13:51 - 2015-10-08 00:08 - 00002198 _____ C:\Users\Cindy\Desktop\Rkill.txt
2015-10-03 13:49 - 2015-10-03 13:49 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\Cindy\Desktop\iexplorer.exe
2015-10-02 18:27 - 2015-09-15 12:12 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-02 18:27 - 2015-09-15 12:12 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-02 13:25 - 2015-10-06 03:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-02 13:03 - 2015-09-17 02:50 - 02464216 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-10-02 13:03 - 2015-09-17 02:50 - 01563392 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-10-02 13:03 - 2015-09-17 02:49 - 08020816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-02 13:03 - 2015-09-17 02:49 - 06487248 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2015-10-02 13:03 - 2015-09-17 02:48 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-10-02 13:03 - 2015-09-17 02:48 - 02494712 _____ C:\Windows\system32\CoreUIComponents.dll
2015-10-02 13:03 - 2015-09-17 02:48 - 02432336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-10-02 13:03 - 2015-09-17 02:48 - 01983824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-10-02 13:03 - 2015-09-17 02:47 - 01397088 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2015-10-02 13:03 - 2015-09-17 02:28 - 05120056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2015-10-02 13:03 - 2015-09-17 02:28 - 02154808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-10-02 13:03 - 2015-09-17 02:27 - 01766952 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2015-10-02 13:03 - 2015-09-17 02:26 - 02446648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-10-02 13:03 - 2015-09-17 02:25 - 00962400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2015-10-02 13:03 - 2015-09-17 02:12 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-10-02 13:03 - 2015-09-17 02:07 - 21875712 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2015-10-02 13:03 - 2015-09-17 02:05 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2015-10-02 13:03 - 2015-09-17 02:04 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2015-10-02 13:03 - 2015-09-17 02:00 - 24595456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-02 13:03 - 2015-09-17 02:00 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-10-02 13:03 - 2015-09-17 02:00 - 02417664 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-10-02 13:03 - 2015-09-17 01:57 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-10-02 13:03 - 2015-09-17 01:54 - 03781120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2015-10-02 13:03 - 2015-09-17 01:53 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2015-10-02 13:03 - 2015-09-17 01:51 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-10-02 13:03 - 2015-09-17 01:51 - 02660864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2015-10-02 13:03 - 2015-09-17 01:49 - 02740224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-02 13:03 - 2015-09-17 01:49 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2015-10-02 13:03 - 2015-09-17 01:48 - 02093056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-10-02 13:03 - 2015-09-17 01:47 - 07523328 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2015-10-02 13:03 - 2015-09-17 01:45 - 19325440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-02 13:03 - 2015-09-17 01:45 - 04791296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-02 13:03 - 2015-09-17 01:45 - 01331200 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-10-02 13:03 - 2015-09-17 01:43 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2015-10-02 13:03 - 2015-09-17 01:42 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-10-02 13:03 - 2015-09-17 01:40 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2015-10-02 13:03 - 2015-09-17 01:40 - 01918464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-10-02 13:03 - 2015-09-17 01:37 - 18806272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2015-10-02 13:03 - 2015-09-17 01:35 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2015-10-02 13:03 - 2015-09-17 01:35 - 02207232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-02 13:03 - 2015-09-17 01:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2015-10-02 13:03 - 2015-09-17 01:32 - 03579904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-02 13:03 - 2015-09-17 01:31 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2015-10-02 13:02 - 2015-09-24 20:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2015-10-02 13:02 - 2015-09-24 20:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2015-10-02 13:02 - 2015-09-24 20:13 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2015-10-02 13:02 - 2015-09-24 19:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2015-10-02 13:02 - 2015-09-24 19:34 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2015-10-02 13:02 - 2015-09-24 19:24 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2015-10-02 13:02 - 2015-09-24 19:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-02 13:02 - 2015-09-24 19:23 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-10-02 13:02 - 2015-09-24 19:17 - 02178560 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-10-02 13:02 - 2015-09-24 19:08 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2015-10-02 13:02 - 2015-09-24 19:07 - 01382400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2015-10-02 13:02 - 2015-09-24 19:06 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2015-10-02 13:02 - 2015-09-24 19:05 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2015-10-02 13:02 - 2015-09-24 19:01 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2015-10-02 13:02 - 2015-09-24 19:01 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2015-10-02 13:02 - 2015-09-24 19:00 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2015-10-02 13:02 - 2015-09-24 19:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2015-10-02 13:02 - 2015-09-24 19:00 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2015-10-02 13:02 - 2015-09-24 19:00 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2015-10-02 13:02 - 2015-09-24 18:53 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2015-10-02 13:02 - 2015-09-24 18:43 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2015-10-02 13:02 - 2015-09-24 18:43 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-02 13:02 - 2015-09-24 18:42 - 01795072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-10-02 13:02 - 2015-09-24 18:25 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2015-10-02 13:02 - 2015-09-24 18:25 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2015-10-02 13:02 - 2015-09-24 18:25 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2015-10-02 13:02 - 2015-09-24 18:25 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2015-10-02 13:02 - 2015-09-24 18:25 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2015-10-02 13:02 - 2015-09-24 18:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2015-10-02 13:02 - 2015-09-24 18:19 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2015-10-02 13:02 - 2015-09-19 01:14 - 00102304 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2015-10-02 13:02 - 2015-09-17 02:50 - 00099664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-10-02 13:02 - 2015-09-17 02:50 - 00088384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2015-10-02 13:02 - 2015-09-17 02:49 - 01563472 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-10-02 13:02 - 2015-09-17 02:49 - 00894256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-10-02 13:02 - 2015-09-17 02:49 - 00553808 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2015-10-02 13:02 - 2015-09-17 02:49 - 00501008 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-10-02 13:02 - 2015-09-17 02:48 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2015-10-02 13:02 - 2015-09-17 02:48 - 00809352 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2015-10-02 13:02 - 2015-09-17 02:48 - 00784136 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2015-10-02 13:02 - 2015-09-17 02:48 - 00584656 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-10-02 13:02 - 2015-09-17 02:48 - 00555768 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2015-10-02 13:02 - 2015-09-17 02:48 - 00537080 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2015-10-02 13:02 - 2015-09-17 02:48 - 00516448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-10-02 13:02 - 2015-09-17 02:48 - 00505696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2015-10-02 13:02 - 2015-09-17 02:48 - 00476760 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2015-10-02 13:02 - 2015-09-17 02:48 - 00406864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-10-02 13:02 - 2015-09-17 02:48 - 00395088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-10-02 13:02 - 2015-09-17 02:48 - 00332624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-10-02 13:02 - 2015-09-17 02:48 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-10-02 13:02 - 2015-09-17 02:48 - 00243760 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-10-02 13:02 - 2015-09-17 02:44 - 00781976 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-10-02 13:02 - 2015-09-17 02:43 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-10-02 13:02 - 2015-09-17 02:39 - 00081488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-02 13:02 - 2015-09-17 02:37 - 01295712 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2015-10-02 13:02 - 2015-09-17 02:37 - 01168736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-10-02 13:02 - 2015-09-17 02:28 - 01357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-10-02 13:02 - 2015-09-17 02:28 - 00441168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2015-10-02 13:02 - 2015-09-17 02:28 - 00407608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-10-02 13:02 - 2015-09-17 02:28 - 00074880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2015-10-02 13:02 - 2015-09-17 02:27 - 00454512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2015-10-02 13:02 - 2015-09-17 02:26 - 01895568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2015-10-02 13:02 - 2015-09-17 02:26 - 00646672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2015-10-02 13:02 - 2015-09-17 02:26 - 00508248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-10-02 13:02 - 2015-09-17 02:26 - 00434376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2015-10-02 13:02 - 2015-09-17 02:26 - 00428128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2015-10-02 13:02 - 2015-09-17 02:21 - 00658528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2015-10-02 13:02 - 2015-09-17 02:20 - 00764416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2015-10-02 13:02 - 2015-09-17 02:11 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2015-10-02 13:02 - 2015-09-17 02:10 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2015-10-02 13:02 - 2015-09-17 02:09 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2015-10-02 13:02 - 2015-09-17 02:09 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2015-10-02 13:02 - 2015-09-17 02:08 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2015-10-02 13:02 - 2015-09-17 02:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2015-10-02 13:02 - 2015-09-17 02:08 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2015-10-02 13:02 - 2015-09-17 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2015-10-02 13:02 - 2015-09-17 02:06 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2015-10-02 13:02 - 2015-09-17 02:06 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2015-10-02 13:02 - 2015-09-17 02:05 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2015-10-02 13:02 - 2015-09-17 02:04 - 00910848 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2015-10-02 13:02 - 2015-09-17 02:04 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2015-10-02 13:02 - 2015-09-17 02:03 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2015-10-02 13:02 - 2015-09-17 02:03 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2015-10-02 13:02 - 2015-09-17 02:03 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2015-10-02 13:02 - 2015-09-17 02:03 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2015-10-02 13:02 - 2015-09-17 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2015-10-02 13:02 - 2015-09-17 02:02 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2015-10-02 13:02 - 2015-09-17 02:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-02 13:02 - 2015-09-17 02:00 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2015-10-02 13:02 - 2015-09-17 02:00 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-02 13:02 - 2015-09-17 01:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2015-10-02 13:02 - 2015-09-17 01:57 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2015-10-02 13:02 - 2015-09-17 01:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2015-10-02 13:02 - 2015-09-17 01:57 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2015-10-02 13:02 - 2015-09-17 01:56 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2015-10-02 13:02 - 2015-09-17 01:56 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2015-10-02 13:02 - 2015-09-17 01:56 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2015-10-02 13:02 - 2015-09-17 01:55 - 02236416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-02 13:02 - 2015-09-17 01:55 - 01601536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2015-10-02 13:02 - 2015-09-17 01:55 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll
2015-10-02 13:02 - 2015-09-17 01:55 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2015-10-02 13:02 - 2015-09-17 01:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2015-10-02 13:02 - 2015-09-17 01:55 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2015-10-02 13:02 - 2015-09-17 01:55 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2015-10-02 13:02 - 2015-09-17 01:55 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2015-10-02 13:02 - 2015-09-17 01:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wwancfg.dll
2015-10-02 13:02 - 2015-09-17 01:54 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-10-02 13:02 - 2015-09-17 01:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-02 13:02 - 2015-09-17 01:52 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-10-02 13:02 - 2015-09-17 01:52 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2015-10-02 13:02 - 2015-09-17 01:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-10-02 13:02 - 2015-09-17 01:52 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-10-02 13:02 - 2015-09-17 01:52 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-10-02 13:02 - 2015-09-17 01:52 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2015-10-02 13:02 - 2015-09-17 01:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-10-02 13:02 - 2015-09-17 01:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-10-02 13:02 - 2015-09-17 01:52 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-10-02 13:02 - 2015-09-17 01:52 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2015-10-02 13:02 - 2015-09-17 01:51 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2015-10-02 13:02 - 2015-09-17 01:51 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2015-10-02 13:02 - 2015-09-17 01:51 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-02 13:02 - 2015-09-17 01:51 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-10-02 13:02 - 2015-09-17 01:51 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2015-10-02 13:02 - 2015-09-17 01:50 - 00929280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-10-02 13:02 - 2015-09-17 01:50 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2015-10-02 13:02 - 2015-09-17 01:50 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-10-02 13:02 - 2015-09-17 01:50 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2015-10-02 13:02 - 2015-09-17 01:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeWiFi.dll
2015-10-02 13:02 - 2015-09-17 01:50 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeCell.dll
2015-10-02 13:02 - 2015-09-17 01:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2015-10-02 13:02 - 2015-09-17 01:49 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2015-10-02 13:02 - 2015-09-17 01:49 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2015-10-02 13:02 - 2015-09-17 01:49 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\LocationWebproxy.dll
2015-10-02 13:02 - 2015-09-17 01:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\LocationGeofences.dll
2015-10-02 13:02 - 2015-09-17 01:49 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2015-10-02 13:02 - 2015-09-17 01:49 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\LocationCrowdsource.dll
2015-10-02 13:02 - 2015-09-17 01:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeIP.dll
2015-10-02 13:02 - 2015-09-17 01:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\LocationWiFiAdapter.dll
2015-10-02 13:02 - 2015-09-17 01:49 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2015-10-02 13:02 - 2015-09-17 01:48 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2015-10-02 13:02 - 2015-09-17 01:48 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2015-10-02 13:02 - 2015-09-17 01:48 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2015-10-02 13:02 - 2015-09-17 01:48 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2015-10-02 13:02 - 2015-09-17 01:48 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-02 13:02 - 2015-09-17 01:47 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2015-10-02 13:02 - 2015-09-17 01:47 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-02 13:02 - 2015-09-17 01:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2015-10-02 13:02 - 2015-09-17 01:46 - 00928256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2015-10-02 13:02 - 2015-09-17 01:46 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2015-10-02 13:02 - 2015-09-17 01:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-10-02 13:02 - 2015-09-17 01:46 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2015-10-02 13:02 - 2015-09-17 01:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2015-10-02 13:02 - 2015-09-17 01:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2015-10-02 13:02 - 2015-09-17 01:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2015-10-02 13:02 - 2015-09-17 01:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\syncmlhook.dll
2015-10-02 13:02 - 2015-09-17 01:45 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2015-10-02 13:02 - 2015-09-17 01:45 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2015-10-02 13:02 - 2015-09-17 01:45 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2015-10-02 13:02 - 2015-09-17 01:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2015-10-02 13:02 - 2015-09-17 01:44 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-10-02 13:02 - 2015-09-17 01:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2015-10-02 13:02 - 2015-09-17 01:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-10-02 13:02 - 2015-09-17 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll
2015-10-02 13:02 - 2015-09-17 01:43 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-10-02 13:02 - 2015-09-17 01:43 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2015-10-02 13:02 - 2015-09-17 01:43 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-10-02 13:02 - 2015-09-17 01:41 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2015-10-02 13:02 - 2015-09-17 01:40 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2015-10-02 13:02 - 2015-09-17 01:39 - 00587264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-02 13:02 - 2015-09-17 01:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-02 13:02 - 2015-09-17 01:38 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2015-10-02 13:02 - 2015-09-17 01:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2015-10-02 13:02 - 2015-09-17 01:36 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2015-10-02 13:02 - 2015-09-17 01:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-02 13:02 - 2015-09-17 01:34 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2015-10-02 13:02 - 2015-09-17 01:33 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2015-10-02 13:02 - 2015-09-17 01:32 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2015-10-02 13:02 - 2015-09-17 01:32 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2015-10-02 13:02 - 2015-09-17 01:32 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-02 13:02 - 2015-09-17 01:31 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2015-10-02 13:02 - 2015-09-17 01:30 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-10-02 13:02 - 2015-09-17 01:29 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-10-02 13:02 - 2015-09-17 01:29 - 00701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2015-10-02 13:02 - 2015-09-17 01:29 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2015-10-02 13:02 - 2015-09-17 01:29 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2015-10-02 13:02 - 2015-09-17 01:28 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2015-10-02 13:02 - 2015-09-17 01:26 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2015-10-02 13:02 - 2015-09-17 01:16 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2015-10-02 13:02 - 2015-09-12 22:05 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-10-02 13:02 - 2015-09-12 21:41 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-10-01 08:58 - 2015-10-01 08:58 - 00923136 _____ C:\Users\Cindy\Desktop\CaitlynFurness3.pub
2015-10-01 08:52 - 2015-10-01 08:52 - 00105984 _____ C:\Users\Cindy\Desktop\CaitlynFurness2.pub
2015-10-01 08:48 - 2015-10-01 09:00 - 00923648 _____ C:\Users\Cindy\Desktop\CaitlynFurness1.pub
2015-09-30 15:13 - 2015-10-06 19:17 - 00109432 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2015-09-30 15:13 - 2015-10-06 19:17 - 00109432 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2015-09-30 15:13 - 2015-10-06 19:17 - 00001213 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2015-09-30 15:13 - 2015-09-30 15:16 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2015-09-30 15:13 - 2015-09-30 15:13 - 00000000 ____D C:\Users\Cindy\AppData\Local\Zemana
2015-09-30 15:13 - 2015-09-30 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2015-09-30 15:11 - 2015-09-30 15:12 - 05078968 _____ ( ) C:\Users\Cindy\Downloads\Zemana.AntiMalware.Setup.exe
2015-09-30 15:03 - 2015-09-30 15:04 - 04383777 _____ C:\Users\Cindy\Downloads\tdsskiller.zip
2015-09-30 14:33 - 2015-09-30 14:33 - 01801288 _____ (Malwarebytes) C:\Users\Cindy\Downloads\JRT(1).exe
2015-09-30 14:22 - 2015-09-29 14:15 - 01801288 _____ (Malwarebytes) C:\Users\Cindy\Desktop\JRT.exe
2015-09-30 14:18 - 2015-10-08 00:09 - 00000000 ____D C:\AdwCleaner
2015-09-30 14:17 - 2015-09-30 14:17 - 01670656 _____ C:\Users\Cindy\Downloads\AdwCleaner.exe
2015-09-29 08:27 - 2015-09-29 08:27 - 00001212 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-28 14:20 - 2015-09-28 14:20 - 00089648 _____ C:\Users\Cindy\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-28 12:16 - 2015-09-28 12:57 - 00100360 _____ C:\Users\Cindy\Downloads\150927_004 (3).jpg.7f2k8g8.partial
2015-09-28 09:18 - 2015-09-28 09:18 - 00049664 _____ C:\Users\Cindy\Downloads\Gails_WebBudget.xls
2015-09-28 09:17 - 2015-09-28 09:17 - 00000165 ____H C:\Users\Cindy\Desktop\~$Cindy Budget Worksheet - Final.xlsx
2015-09-28 09:10 - 2015-09-28 09:10 - 00049152 _____ C:\Users\Cindy\Downloads\SA Worksheet2 - Final.xls
2015-09-28 08:50 - 2015-09-28 08:50 - 00007722 _____ C:\Users\Cindy\Documents\cc_20150928_085051.reg
2015-09-28 08:46 - 2015-07-05 06:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-09-28 00:40 - 2015-09-28 00:40 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-09-28 00:27 - 2015-10-06 18:41 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2015-09-28 00:20 - 2015-10-08 00:09 - 00000000 ____D C:\Users\Cindy\AppData\Local\CrashDumps
2015-09-28 00:00 - 2015-10-06 19:00 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-09-28 00:00 - 2015-09-28 00:35 - 00000000 ____D C:\ProgramData\RogueKiller
2015-09-27 22:03 - 2015-09-27 22:06 - 00380416 _____ C:\Users\Cindy\Downloads\u7s3524b.exe
2015-09-27 21:15 - 2015-09-27 21:15 - 00004404 _____ C:\Users\Cindy\Documents\cc_20150927_211527.reg
2015-09-26 13:50 - 2015-09-26 13:50 - 00000000 ____D C:\Users\Cindy\Documents\OneNote Notebooks
2015-09-26 11:42 - 2015-09-26 11:42 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-09-26 11:42 - 2015-09-26 11:42 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-09-26 11:31 - 2015-10-08 01:36 - 00000000 ____D C:\Windows\Minidump
2015-09-25 12:27 - 2015-09-25 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-25 12:25 - 2015-09-26 11:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-09-25 12:25 - 2015-09-25 12:25 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-25 12:24 - 2015-09-25 12:24 - 00000000 ____D C:\Windows\PCHEALTH
2015-09-25 12:24 - 2015-09-25 12:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2015-09-25 12:21 - 2015-09-25 12:21 - 00000000 ____D C:\Program Files\Microsoft Office
2015-09-25 12:20 - 2015-09-28 11:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-25 12:20 - 2015-09-27 21:53 - 00000000 ____D C:\Users\Cindy\AppData\Local\Microsoft Help
2015-09-25 12:20 - 2015-09-25 12:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-09-25 12:19 - 2015-09-25 12:19 - 00000000 __RHD C:\MSOCache
2015-09-24 15:35 - 2015-09-25 12:46 - 00003145 _____ C:\Users\Cindy\Desktop\land petition index.txt
2015-09-24 12:32 - 2015-09-24 12:32 - 00000839 _____ C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cindy.lnk
2015-09-24 09:10 - 2015-09-24 09:10 - 00000000 ____D C:\Users\Cindy\AppData\LocalLow\Temp
2015-09-24 08:28 - 2015-09-24 08:28 - 00000000 ____D C:\Windows\system32\SleepStudy
2015-09-24 00:03 - 2015-10-06 03:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-24 00:03 - 2015-09-29 08:27 - 00001224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-24 00:03 - 2015-09-24 00:17 - 00000000 ____D C:\Users\Cindy\AppData\Local\Mozilla
2015-09-24 00:03 - 2015-09-24 00:13 - 00000000 ____D C:\Users\Cindy\AppData\Roaming\Mozilla
2015-09-23 23:57 - 2015-09-23 23:57 - 00243688 _____ C:\Users\Cindy\Downloads\Firefox Setup Stub 41.0.exe
2015-09-23 14:43 - 2015-09-23 14:43 - 00000000 ____D C:\Users\Cindy\Downloads\ccsetup505
2015-09-23 14:41 - 2015-09-23 14:41 - 00000000 ____D C:\Users\Cindy\AppData\Local\NetworkTiles
2015-09-23 13:43 - 2015-08-27 02:36 - 03620736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-23 13:43 - 2015-08-27 02:32 - 00608936 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2015-09-23 13:43 - 2015-08-27 01:59 - 02880032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-23 13:43 - 2015-08-27 01:54 - 00541248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2015-09-23 13:43 - 2015-08-27 01:54 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-23 13:43 - 2015-08-27 01:51 - 02350592 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-23 13:43 - 2015-08-27 01:51 - 01774592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-23 13:43 - 2015-08-27 01:49 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-23 13:43 - 2015-08-27 01:47 - 12503552 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-23 13:43 - 2015-08-27 01:43 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-23 13:43 - 2015-08-27 01:43 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-23 13:43 - 2015-08-27 01:42 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-23 13:43 - 2015-08-27 01:42 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2015-09-23 13:43 - 2015-08-27 01:42 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-23 13:43 - 2015-08-27 01:39 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-23 13:43 - 2015-08-27 01:23 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-23 13:43 - 2015-08-27 01:16 - 02153472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-23 13:43 - 2015-08-27 01:16 - 01612288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-23 13:43 - 2015-08-27 01:12 - 00650752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-23 13:43 - 2015-08-27 01:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-23 13:43 - 2015-08-27 01:11 - 00484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-23 13:43 - 2015-08-27 01:11 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-23 13:43 - 2015-08-27 01:09 - 11262464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-23 13:43 - 2015-08-27 01:08 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-23 13:43 - 2015-08-20 02:06 - 00609592 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-09-23 13:43 - 2015-08-20 02:02 - 22324656 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-23 13:43 - 2015-08-20 01:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2015-09-23 13:43 - 2015-08-20 01:21 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-23 13:43 - 2015-08-20 01:16 - 20857848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-23 13:43 - 2015-08-18 03:55 - 00373072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-09-23 13:43 - 2015-08-18 03:13 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2015-09-23 13:43 - 2015-08-18 03:13 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2015-09-23 13:43 - 2015-08-18 03:04 - 01234944 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-09-23 13:43 - 2015-08-18 02:59 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2015-09-23 13:43 - 2015-08-18 02:59 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2015-09-23 13:43 - 2015-08-18 02:58 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2015-09-23 13:43 - 2015-08-18 02:58 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2015-09-23 13:43 - 2015-08-18 02:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2015-09-23 13:43 - 2015-08-18 02:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2015-09-23 13:43 - 2015-08-18 02:57 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2015-09-23 13:43 - 2015-08-18 02:56 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2015-09-23 13:43 - 2015-08-18 02:54 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2015-09-23 13:43 - 2015-08-18 02:54 - 00247296 _____ C:\Windows\system32\facecredentialprovider.dll
2015-09-23 13:43 - 2015-08-18 02:52 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-23 13:43 - 2015-08-18 02:49 - 01061888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-09-23 13:43 - 2015-08-18 02:49 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2015-09-23 13:43 - 2015-08-18 02:49 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2015-09-23 13:43 - 2015-08-18 02:36 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll
2015-09-23 13:43 - 2015-08-18 02:35 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2015-09-23 13:43 - 2015-08-18 02:35 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2015-09-23 13:43 - 2015-08-18 02:34 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2015-09-23 13:43 - 2015-08-18 02:29 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-23 13:43 - 2015-08-18 02:26 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2015-09-23 13:43 - 2015-08-18 00:44 - 00008847 _____ C:\Windows\system32\ResPriHMImageList
2015-09-23 11:45 - 2015-09-23 11:45 - 00000000 ____D C:\ProgramData\Emsisoft
2015-09-23 11:44 - 2015-09-28 08:48 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-23 11:43 - 2015-09-28 08:48 - 00000000 ____D C:\Users\Cindy\AppData\Local\Google
2015-09-23 11:35 - 2015-09-23 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2015-09-23 11:33 - 2015-10-08 12:31 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2015-09-23 11:28 - 2015-09-23 11:30 - 174587984 _____ (Emsisoft Ltd. ) C:\Users\Cindy\Downloads\EmsisoftAntiMalwareSetup.exe
2015-09-23 10:41 - 2015-09-23 21:55 - 00000000 ____D C:\Windows\Panther
2015-09-23 09:47 - 2015-10-08 01:37 - 01017834 _____ C:\Windows\SysWOW64\rootpa.e2e
2015-09-23 09:46 - 2015-09-23 09:46 - 00000000 ____D C:\Windows\tbaseregistry
2015-09-23 09:46 - 2015-07-10 07:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEShims.dll
2015-09-23 09:42 - 2015-09-23 09:42 - 00000000 ____D C:\Windows\system32\MRT
2015-09-23 09:42 - 2015-08-26 18:37 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-09-23 09:38 - 2015-08-11 05:05 - 03527168 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-09-23 09:38 - 2015-08-11 05:03 - 02558976 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-09-23 09:38 - 2015-08-08 02:24 - 02415104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-23 09:38 - 2015-08-08 02:24 - 01679360 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-23 09:38 - 2015-08-08 02:00 - 01985024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-23 09:38 - 2015-08-02 22:18 - 08613200 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2015-09-23 09:38 - 2015-08-02 21:56 - 06878256 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-09-23 09:38 - 2015-07-30 02:16 - 02147080 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-09-23 09:38 - 2015-07-30 02:03 - 02116448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-09-23 09:38 - 2015-07-30 00:26 - 01867160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2015-09-23 09:38 - 2015-07-29 23:49 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-09-23 09:38 - 2015-07-29 23:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-09-23 09:38 - 2015-07-29 23:15 - 09889792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-09-23 09:38 - 2015-07-29 23:04 - 01714176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2015-09-23 09:38 - 2015-07-25 23:49 - 04760576 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-09-23 09:38 - 2015-07-25 23:38 - 04350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-09-23 09:38 - 2015-07-21 23:54 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-09-23 09:38 - 2015-07-21 23:11 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-09-23 09:38 - 2015-07-18 03:29 - 03443200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2015-09-23 09:38 - 2015-07-17 23:52 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2015-09-23 09:38 - 2015-07-14 22:41 - 01135312 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2015-09-23 09:38 - 2015-07-14 22:22 - 02112512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-09-23 09:38 - 2015-07-14 21:47 - 04611584 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-09-23 09:38 - 2015-07-10 21:17 - 06305792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-09-23 09:38 - 2015-07-10 21:04 - 03362816 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-09-23 09:38 - 2015-07-10 21:03 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-09-23 09:38 - 2015-07-10 20:51 - 04398080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-09-23 09:38 - 2015-07-10 20:41 - 03687936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-09-23 09:38 - 2015-07-10 20:40 - 02606080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-09-23 09:38 - 2015-07-10 05:53 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2015-09-23 09:37 - 2015-09-23 09:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-09-23 09:37 - 2015-08-11 06:04 - 04532304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-09-23 09:37 - 2015-08-11 06:04 - 01087296 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-09-23 09:37 - 2015-08-11 06:02 - 00292856 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2015-09-23 09:37 - 2015-08-11 05:50 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-23 09:37 - 2015-08-11 05:40 - 04048808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-09-23 09:37 - 2015-08-11 05:40 - 00918320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-09-23 09:37 - 2015-08-11 05:37 - 00243800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2015-09-23 09:37 - 2015-08-11 05:14 - 00404480 _____ C:\Windows\system32\diagtrack_wininternal.dll
2015-09-23 09:37 - 2015-08-11 05:13 - 00413184 _____ C:\Windows\system32\diagtrack_win.dll
2015-09-23 09:37 - 2015-08-11 05:11 - 02446336 _____ C:\Windows\system32\InputService.dll
2015-09-23 09:37 - 2015-08-11 05:08 - 00893440 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2015-09-23 09:37 - 2015-08-11 04:51 - 01823232 _____ C:\Windows\SysWOW64\InputService.dll
2015-09-23 09:37 - 2015-08-11 04:43 - 02748416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-09-23 09:37 - 2015-08-11 04:40 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-09-23 09:37 - 2015-08-08 03:29 - 01822280 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-23 09:37 - 2015-08-08 03:01 - 01533496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-23 09:37 - 2015-08-05 23:17 - 00237392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2015-09-23 09:37 - 2015-08-05 22:22 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2015-09-23 09:37 - 2015-08-05 00:00 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2015-09-23 09:37 - 2015-08-04 23:39 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2015-09-23 09:37 - 2015-08-04 00:07 - 00102752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-23 09:37 - 2015-08-02 22:32 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2015-09-23 09:37 - 2015-08-02 22:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NotificationObjFactory.dll
2015-09-23 09:37 - 2015-08-02 22:18 - 00594472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2015-09-23 09:37 - 2015-08-02 22:12 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2015-09-23 09:37 - 2015-08-02 21:49 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2015-09-23 09:37 - 2015-08-02 21:30 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_UserAccount.dll
2015-09-23 09:37 - 2015-08-02 21:24 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModelShim.dll
2015-09-23 09:37 - 2015-08-02 21:23 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll
2015-09-23 09:37 - 2015-08-02 21:18 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\NetworkStatus.dll
2015-09-23 09:37 - 2015-08-02 21:15 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2015-09-23 09:37 - 2015-08-02 21:15 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2015-09-23 09:37 - 2015-08-02 21:15 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2015-09-23 09:37 - 2015-08-02 21:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2015-09-23 09:37 - 2015-08-02 21:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2015-09-23 09:37 - 2015-08-02 21:03 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2015-09-23 09:37 - 2015-08-02 20:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2015-09-23 09:37 - 2015-07-30 02:23 - 00527952 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-09-23 09:37 - 2015-07-30 02:21 - 00816576 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-09-23 09:37 - 2015-07-30 02:17 - 01200400 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-23 09:37 - 2015-07-30 02:17 - 01025840 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2015-09-23 09:37 - 2015-07-30 02:14 - 00333168 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2015-09-23 09:37 - 2015-07-30 02:06 - 01043872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-09-23 09:37 - 2015-07-30 01:24 - 00252768 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2015-09-23 09:37 - 2015-07-30 00:29 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-23 09:37 - 2015-07-30 00:26 - 00877016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-09-23 09:37 - 2015-07-30 00:25 - 00713312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-09-23 09:37 - 2015-07-30 00:24 - 00445240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-09-23 09:37 - 2015-07-30 00:24 - 00285632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2015-09-23 09:37 - 2015-07-30 00:12 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2015-09-23 09:37 - 2015-07-29 23:52 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2015-09-23 09:37 - 2015-07-29 23:44 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-09-23 09:37 - 2015-07-29 23:44 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2015-09-23 09:37 - 2015-07-29 23:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-09-23 09:37 - 2015-07-29 23:29 - 00654848 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2015-09-23 09:37 - 2015-07-29 22:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2015-09-23 09:37 - 2015-07-26 01:16 - 01018568 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-23 09:37 - 2015-07-26 01:16 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-09-23 09:37 - 2015-07-26 01:14 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-23 09:37 - 2015-07-26 01:14 - 01123400 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-09-23 09:37 - 2015-07-25 23:49 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-09-23 09:37 - 2015-07-25 23:47 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-09-23 09:37 - 2015-07-25 23:40 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-09-23 09:37 - 2015-07-25 23:40 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-09-23 09:37 - 2015-07-25 23:35 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2015-09-23 09:37 - 2015-07-25 23:34 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-09-23 09:37 - 2015-07-25 23:30 - 00750592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2015-09-23 09:37 - 2015-07-25 23:30 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-09-23 09:37 - 2015-07-23 23:30 - 00498016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-09-23 09:37 - 2015-07-23 23:18 - 00980832 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2015-09-23 09:37 - 2015-07-23 23:17 - 00695136 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2015-09-23 09:37 - 2015-07-23 23:12 - 00584544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2015-09-23 09:37 - 2015-07-23 22:34 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2015-09-23 09:37 - 2015-07-23 22:24 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2015-09-23 09:37 - 2015-07-22 00:02 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-09-23 09:37 - 2015-07-22 00:00 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-23 09:37 - 2015-07-21 23:13 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-23 09:37 - 2015-07-19 00:04 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2015-09-23 09:37 - 2015-07-18 03:43 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2015-09-23 09:37 - 2015-07-18 03:37 - 01043968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2015-09-23 09:37 - 2015-07-18 00:06 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2015-09-23 09:37 - 2015-07-17 23:59 - 01411072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2015-09-23 09:37 - 2015-07-17 23:59 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2015-09-23 09:37 - 2015-07-17 00:23 - 00934752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2015-09-23 09:37 - 2015-07-17 00:07 - 00425824 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-09-23 09:37 - 2015-07-16 22:32 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2015-09-23 09:37 - 2015-07-16 22:31 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-23 09:37 - 2015-07-16 22:26 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2015-09-23 09:37 - 2015-07-16 22:24 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2015-09-23 09:37 - 2015-07-16 22:18 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-09-23 09:37 - 2015-07-16 21:53 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2015-09-23 09:37 - 2015-07-16 21:50 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2015-09-23 09:37 - 2015-07-16 21:44 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-09-23 09:37 - 2015-07-16 00:09 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2015-09-23 09:37 - 2015-07-16 00:04 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2015-09-23 09:37 - 2015-07-16 00:03 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll
2015-09-23 09:37 - 2015-07-15 23:47 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2015-09-23 09:37 - 2015-07-15 23:45 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2015-09-23 09:37 - 2015-07-15 23:43 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-23 09:37 - 2015-07-15 23:41 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll
2015-09-23 09:37 - 2015-07-15 23:35 - 01521664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2015-09-23 09:37 - 2015-07-15 23:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2015-09-23 09:37 - 2015-07-15 23:32 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2015-09-23 09:37 - 2015-07-15 23:29 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-23 09:37 - 2015-07-15 23:19 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2015-09-23 09:37 - 2015-07-14 23:21 - 01365072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-23 09:37 - 2015-07-14 22:49 - 01591856 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-23 09:37 - 2015-07-14 22:49 - 00325984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2015-09-23 09:37 - 2015-07-14 21:57 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\OmaDmAgent.dll
2015-09-23 09:37 - 2015-07-14 21:35 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\unenrollhook.dll
2015-09-23 09:37 - 2015-07-13 21:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2015-09-23 09:37 - 2015-07-11 20:38 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2015-09-23 09:37 - 2015-07-11 20:25 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\SensorDataService.exe
2015-09-23 09:37 - 2015-07-11 20:18 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2015-09-23 09:37 - 2015-07-11 19:46 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2015-09-23 09:37 - 2015-07-10 21:28 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2015-09-23 09:37 - 2015-07-10 21:07 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2015-09-23 09:37 - 2015-07-10 21:05 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2015-09-23 09:37 - 2015-07-10 21:02 - 00283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll
2015-09-23 09:37 - 2015-07-10 20:57 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2015-09-23 09:37 - 2015-07-10 20:43 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-09-23 09:37 - 2015-07-10 20:42 - 00191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2015-09-23 09:37 - 2015-07-10 20:34 - 00294912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2015-09-23 09:37 - 2015-07-10 11:51 - 00823336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-09-23 09:37 - 2015-07-10 11:47 - 00265480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-09-23 09:37 - 2015-07-10 11:00 - 01101792 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-09-23 09:37 - 2015-07-10 10:52 - 00335248 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-09-23 09:37 - 2015-07-10 06:05 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2015-09-23 09:37 - 2015-07-10 05:29 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2015-09-23 09:36 - 2015-08-11 06:03 - 00442208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-09-23 09:36 - 2015-08-11 06:02 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2015-09-23 09:36 - 2015-08-11 05:52 - 00993104 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-09-23 09:36 - 2015-08-11 05:26 - 00845664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-09-23 09:36 - 2015-08-11 05:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
2015-09-23 09:36 - 2015-08-11 05:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2015-09-23 09:36 - 2015-08-11 05:18 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2015-09-23 09:36 - 2015-08-11 05:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2015-09-23 09:36 - 2015-08-11 05:10 - 00293376 _____ C:\Windows\system32\TextInputFramework.dll
2015-09-23 09:36 - 2015-08-11 05:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
2015-09-23 09:36 - 2015-08-11 05:07 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2015-09-23 09:36 - 2015-08-11 05:05 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\LocationPermissions.dll
2015-09-23 09:36 - 2015-08-11 05:05 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2015-09-23 09:36 - 2015-08-11 05:00 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-09-23 09:36 - 2015-08-11 04:59 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-23 09:36 - 2015-08-11 04:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2015-09-23 09:36 - 2015-08-11 04:59 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-09-23 09:36 - 2015-08-11 04:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
2015-09-23 09:36 - 2015-08-11 04:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2015-09-23 09:36 - 2015-08-11 04:50 - 00420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2015-09-23 09:36 - 2015-08-11 04:50 - 00200704 _____ C:\Windows\SysWOW64\TextInputFramework.dll
2015-09-23 09:36 - 2015-08-11 04:50 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2015-09-23 09:36 - 2015-08-11 04:48 - 00671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2015-09-23 09:36 - 2015-08-11 04:39 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-09-23 09:36 - 2015-08-11 04:38 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2015-09-23 09:36 - 2015-08-05 23:17 - 00200528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2015-09-23 09:36 - 2015-08-03 23:23 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2015-09-23 09:36 - 2015-08-02 22:18 - 00046432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2015-09-23 09:36 - 2015-08-02 22:17 - 00052264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2015-09-23 09:36 - 2015-08-02 21:21 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
2015-09-23 09:36 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-23 09:36 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-23 09:36 - 2015-08-02 21:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-23 09:36 - 2015-07-30 02:15 - 00632168 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-09-23 09:36 - 2015-07-30 00:22 - 00896144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2015-09-23 09:36 - 2015-07-30 00:22 - 00507696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-09-23 09:36 - 2015-07-30 00:08 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2015-09-23 09:36 - 2015-07-29 23:46 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2015-09-23 09:36 - 2015-07-29 23:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2015-09-23 09:36 - 2015-07-29 23:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-09-23 09:36 - 2015-07-29 23:44 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.V2.dll
2015-09-23 09:36 - 2015-07-29 23:44 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-09-23 09:36 - 2015-07-29 23:44 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\VoiceActivationManager.dll
2015-09-23 09:36 - 2015-07-29 23:41 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2015-09-23 09:36 - 2015-07-29 23:38 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2015-09-23 09:36 - 2015-07-29 23:07 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2015-09-23 09:36 - 2015-07-29 23:06 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2015-09-23 09:36 - 2015-07-29 23:06 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.V2.dll
2015-09-23 09:36 - 2015-07-29 23:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VoiceActivationManager.dll
2015-09-23 09:36 - 2015-07-25 23:39 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2015-09-23 09:36 - 2015-07-25 23:29 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2015-09-23 09:36 - 2015-07-23 23:17 - 00521568 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2015-09-23 09:36 - 2015-07-23 22:55 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2015-09-23 09:36 - 2015-07-23 22:52 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2015-09-23 09:36 - 2015-07-23 22:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2015-09-23 09:36 - 2015-07-23 22:30 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2015-09-23 09:36 - 2015-07-23 22:29 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2015-09-23 09:36 - 2015-07-23 22:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2015-09-23 09:36 - 2015-07-22 01:15 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2015-09-23 09:36 - 2015-07-22 00:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-09-23 09:36 - 2015-07-22 00:00 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-09-23 09:36 - 2015-07-21 23:21 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-09-23 09:36 - 2015-07-21 23:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2015-09-23 09:36 - 2015-07-21 23:07 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-09-23 09:36 - 2015-07-18 23:23 - 00505344 _____ C:\Windows\system32\EditionUpgradeManagerObj.dll
2015-09-23 09:36 - 2015-07-18 23:18 - 00430592 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2015-09-23 09:36 - 2015-07-18 04:47 - 00082616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2015-09-23 09:36 - 2015-07-18 03:28 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2015-09-23 09:36 - 2015-07-18 03:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2015-09-23 09:36 - 2015-07-18 01:17 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2015-09-23 09:36 - 2015-07-18 01:02 - 00290312 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2015-09-23 09:36 - 2015-07-17 23:50 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2015-09-23 09:36 - 2015-07-17 23:49 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2015-09-23 09:36 - 2015-07-17 23:49 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2015-09-23 09:36 - 2015-07-17 23:49 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2015-09-23 09:36 - 2015-07-17 23:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2015-09-23 09:36 - 2015-07-17 23:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-23 09:36 - 2015-07-17 00:13 - 00601344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-09-23 09:36 - 2015-07-17 00:12 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-09-23 09:36 - 2015-07-16 22:39 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-23 09:36 - 2015-07-16 22:33 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\omadmprc.exe
2015-09-23 09:36 - 2015-07-16 22:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-23 09:36 - 2015-07-16 01:39 - 00061280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-09-23 09:36 - 2015-07-15 23:40 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2015-09-23 09:36 - 2015-07-15 23:36 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2015-09-23 09:36 - 2015-07-14 22:04 - 00032768 _____ C:\Windows\system32\LicenseManagerApi.dll
2015-09-23 09:36 - 2015-07-14 21:37 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.ProxyStub.dll
2015-09-23 09:36 - 2015-07-14 21:27 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.PAL.Desktop.dll
2015-09-23 09:36 - 2015-07-13 23:00 - 00208736 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-09-23 09:36 - 2015-07-13 22:37 - 00181088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-09-23 09:36 - 2015-07-13 22:04 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2015-09-23 09:36 - 2015-07-13 21:38 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2015-09-23 09:36 - 2015-07-13 21:20 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2015-09-23 09:36 - 2015-07-12 20:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2015-09-23 09:36 - 2015-07-12 19:30 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2015-09-23 09:36 - 2015-07-10 21:03 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-09-23 09:36 - 2015-07-10 20:40 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-09-23 09:36 - 2015-07-10 06:59 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SignInOptions.dll
2015-09-23 09:36 - 2015-07-10 06:42 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hmkd.dll
2015-09-23 09:36 - 2015-07-10 06:10 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\hmkd.dll
2015-09-23 09:26 - 2015-09-23 09:16 - 00305360 _____ C:\Windows\system32\Drivers\fwndislwf64.sys
2015-09-23 09:13 - 2015-09-23 09:15 - 00138504 _____ (Emsisoft GmbH) C:\Windows\system32\Drivers\epp64.sys
2015-09-23 09:12 - 2015-09-23 09:16 - 00494856 _____ C:\Windows\system32\Drivers\fwndis64.sys
2015-09-23 09:07 - 2015-09-23 09:09 - 00000000 ____D C:\Users\Cindy\AppData\Local\Comms
2015-09-23 08:18 - 2015-09-23 08:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-23 08:17 - 2015-09-23 09:32 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-23 08:17 - 2015-09-23 08:55 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-23 07:59 - 2015-09-23 07:59 - 01804704 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-09-23 07:59 - 2015-09-23 07:59 - 00129040 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\tbaseregistry64.dll
2015-09-23 07:59 - 2015-09-23 07:59 - 00108560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\tbaseregistry32.dll
2015-09-23 07:59 - 2015-09-23 07:59 - 00060432 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
2015-09-23 07:59 - 2015-09-23 07:59 - 00025104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\t-base_client_api.dll
2015-09-23 07:59 - 2015-09-23 07:59 - 00021008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\t-base_client_api.dll
2015-09-23 07:59 - 2015-09-23 07:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2015-09-23 07:58 - 2015-09-23 07:59 - 02975768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\rootpacommon.dll
2015-09-23 07:58 - 2015-09-23 07:58 - 00277240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\Drivers\amdpsp.sys
2015-09-23 07:58 - 2015-09-23 07:58 - 00106512 _____ (AMD) C:\Windows\system32\pspcoins.dll
2015-09-23 07:58 - 2015-09-23 07:58 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-09-23 07:58 - 2015-09-23 07:58 - 00102912 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWT6.sys
2015-09-23 07:58 - 2015-09-23 07:58 - 00101104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\Drivers\amdkmcsp.sys
2015-09-23 07:58 - 2015-09-23 07:58 - 00091664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdumcsp.dll
2015-09-23 07:58 - 2015-09-23 07:58 - 00071184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdumcsp.dll
2015-09-23 07:58 - 2015-09-23 07:58 - 00021007 _____ C:\Windows\SysWOW64\07010000000000000000000000000000.tlbin
2015-09-23 07:58 - 2015-09-23 07:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-09-23 07:57 - 2015-09-23 07:57 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-23 07:57 - 2015-09-23 07:57 - 00000000 ____D C:\ProgramData\AMD
2015-09-23 07:57 - 2015-09-23 07:57 - 00000000 ____D C:\Program Files\ATI Technologies
2015-09-23 07:57 - 2015-09-23 07:57 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-09-23 07:56 - 2015-10-06 18:40 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-09-23 07:56 - 2015-09-23 07:56 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-09-23 07:56 - 2015-09-23 07:56 - 00000000 ____D C:\Program Files\AMD
2015-09-23 07:56 - 2015-09-23 07:56 - 00000000 ____D C:\AMD
2015-09-23 07:56 - 2015-09-23 07:56 - 00000000 _____ C:\Windows\ativpsrm.bin
2015-09-23 07:56 - 2015-09-23 07:55 - 00082672 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2015-09-23 07:55 - 2015-09-23 07:55 - 47795680 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 39723504 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 30760944 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 27544560 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 25308656 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 22328800 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 21632992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-09-23 07:55 - 2015-09-23 07:55 - 15727072 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 14312416 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 12062040 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 10191264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 09191312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 08979760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 08865496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 08009344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 07575664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 06486000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 05076976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-09-23 07:55 - 2015-09-23 07:55 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-09-23 07:55 - 2015-09-23 07:55 - 01468224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 01257952 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 01213192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 01196032 _____ C:\Windows\system32\amdocl_as64.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 01070592 _____ C:\Windows\system32\amdocl_ld64.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 01005552 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00874480 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00833798 _____ C:\Windows\system32\amdicdxx.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00807424 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 00737410 _____ C:\Windows\system32\atiicdxx.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00681456 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 00675296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-09-23 07:55 - 2015-09-23 07:55 - 00660928 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-09-23 07:55 - 2015-09-23 07:55 - 00660928 _____ C:\Windows\system32\atiapfxx.blb
2015-09-23 07:55 - 2015-09-23 07:55 - 00472832 _____ C:\Windows\system32\amdmiracast.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00452576 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00377312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 00322868 _____ C:\Windows\system32\ativvaxy_vi.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00321200 _____ C:\Windows\system32\ativvaxy_vi_nd.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00256992 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 00255808 _____ C:\Windows\system32\ativvaxy_cz_nd.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00250884 _____ C:\Windows\system32\ativvaxy_FJ.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00249088 _____ C:\Windows\system32\ativvaxy_FJ_nd.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00243696 _____ C:\Windows\system32\clinfo.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 00234420 _____ C:\Windows\system32\ativvaxy_cik.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00232752 _____ C:\Windows\system32\ativvaxy_cik_nd.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00213488 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00204952 _____ C:\Windows\system32\ativvsvl.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00201184 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00198640 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00170464 _____ C:\Windows\system32\atieah64.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 00169152 _____ C:\Windows\system32\ativce03.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00167456 _____ C:\Windows\system32\amde31a.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00162240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00157144 _____ C:\Windows\system32\ativvsva.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00153456 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00152560 _____ C:\Windows\SysWOW64\atieah32.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 00152032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00143344 _____ C:\Windows\system32\amdhdl64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00143048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00140240 _____ C:\Windows\system32\samu_krnl_ci.sbin
2015-09-23 07:55 - 2015-09-23 07:55 - 00138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2015-09-23 07:55 - 2015-09-23 07:55 - 00138384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00132080 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00131592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00117600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00113880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00111832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00111600 _____ C:\Windows\system32\hsa-thunk64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00111088 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00102384 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00100816 _____ C:\Windows\system32\ativce02.dat
2015-09-23 07:55 - 2015-09-23 07:55 - 00099296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00095216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00091104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00089520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00085472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00082680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00073712 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00071152 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00069600 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00064496 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00062432 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00061408 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2015-09-23 07:55 - 2015-09-23 07:55 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00059360 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00049632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00047664 _____ C:\Windows\system32\kapp_ci.sbin
2015-09-23 07:55 - 2015-09-23 07:55 - 00043408 _____ C:\Windows\system32\kapp_si.sbin
2015-09-23 07:55 - 2015-09-23 07:55 - 00039904 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00012784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2015-09-23 07:55 - 2015-09-23 07:55 - 00012784 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2015-09-23 07:52 - 2015-09-23 08:43 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-23 07:50 - 2015-09-23 09:32 - 00000000 ____D C:\Users\Cindy\Desktop\mbar
2015-09-23 07:25 - 2015-09-23 09:30 - 00001205 _____ C:\Users\Public\Desktop\AntiLogger Free.lnk
2015-09-23 07:24 - 2015-09-23 09:45 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2015-09-23 07:24 - 2015-09-23 09:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free
2015-09-23 07:24 - 2015-09-23 09:30 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger Free
2015-09-23 07:24 - 2015-09-23 07:24 - 00000000 ____D C:\Users\Cindy\AppData\Local\AntiLogger Free
2015-09-23 07:24 - 2014-12-30 13:18 - 00076520 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys
2015-09-23 07:20 - 2015-09-23 07:20 - 00000000 ____D C:\Users\Cindy\AppData\Roaming\Macromedia
2015-09-23 07:19 - 2015-09-23 09:34 - 00000000 ____D C:\Users\Cindy\AppData\Local\MicrosoftEdge
2015-09-23 07:18 - 2015-09-23 07:19 - 00002330 _____ C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-23 07:18 - 2015-09-23 07:19 - 00000000 ___RD C:\Users\Cindy\OneDrive
2015-09-23 07:18 - 2015-09-23 07:18 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-09-23 07:16 - 2015-09-23 07:16 - 00000000 ____D C:\Users\Cindy\AppData\Local\Publishers
2015-09-23 07:15 - 2015-10-08 09:08 - 00000000 ____D C:\Users\Cindy
2015-09-23 07:15 - 2015-10-06 03:19 - 00000000 ____D C:\Users\Cindy\AppData\Local\Packages
2015-09-23 07:15 - 2015-09-23 07:15 - 00016148 _____ C:\Windows\system32\DESKTOP-3HVNCRU_defaultuser0_HistoryPrediction.bin
2015-09-23 07:15 - 2015-09-23 07:15 - 00000020 ___SH C:\Users\Cindy\ntuser.ini
2015-09-23 07:15 - 2015-09-23 07:15 - 00000000 ___RD C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-23 07:15 - 2015-09-23 07:15 - 00000000 ____D C:\Users\Cindy\AppData\Roaming\Adobe
2015-09-23 07:15 - 2015-09-23 07:15 - 00000000 ____D C:\Users\Cindy\AppData\Local\VirtualStore
2015-09-23 07:15 - 2015-09-23 07:15 - 00000000 ____D C:\Users\Cindy\AppData\Local\TileDataLayer
2015-09-23 07:15 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-23 07:15 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-23 07:15 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-23 07:15 - 2015-07-10 07:04 - 00000000 ____D C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-23 06:53 - 2015-10-08 09:10 - 00830266 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-23 06:48 - 2015-09-23 06:48 - 00000000 __SHD C:\Recovery
2015-09-23 06:45 - 2015-07-10 06:59 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2015-09-23 06:43 - 2015-09-23 06:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-09-23 06:42 - 2015-10-08 01:36 - 00160707 ____N C:\Windows\Minidump\100815-20828-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-08 12:10 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\sru
2015-10-08 01:36 - 2015-07-10 08:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-06 20:10 - 2015-07-10 05:05 - 00131072 ___SH C:\Windows\system32\config\BBI
2015-10-06 03:19 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\AppReadiness
2015-10-03 13:33 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\rescache
2015-10-02 18:23 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2015-10-02 18:23 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\system32\F12
2015-10-02 18:23 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2015-10-02 18:23 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 18:23 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-10-02 18:23 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-10-02 18:23 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-02 18:23 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\Provisioning
2015-10-02 18:23 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\L2Schemas
2015-10-02 13:44 - 2015-07-10 06:55 - 00000000 ____D C:\Windows\CbsTemp
2015-09-30 11:02 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\NDF
2015-09-27 22:22 - 2015-07-10 07:04 - 00000167 _____ C:\Windows\win.ini
2015-09-27 20:36 - 2015-07-10 08:20 - 00335760 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-25 12:24 - 2015-07-10 09:14 - 00000000 ____D C:\Windows\ShellNew
2015-09-25 12:23 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-24 18:16 - 2015-07-10 09:14 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-24 18:16 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\oobe
2015-09-24 08:19 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\appcompat
2015-09-23 10:41 - 2015-07-10 07:04 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-09-23 09:51 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-09-23 09:51 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-23 09:51 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-23 09:51 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-09-23 09:51 - 2015-07-10 05:05 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-09-23 09:51 - 2015-07-10 05:05 - 00000000 ____D C:\Windows\system32\Dism
2015-09-23 07:16 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\PrintDialog
2015-09-23 07:16 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\MiracastView
2015-09-23 07:03 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\restore
2015-09-23 06:47 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\spool
2015-09-23 06:47 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-09-23 06:45 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\Recovery
2015-09-23 06:45 - 2015-07-10 05:05 - 00000000 ____D C:\Windows\system32\Sysprep
2015-09-23 06:42 - 2015-07-10 05:05 - 00000000 __RHD C:\Users\Default

==================== Files in the root of some directories =======

2015-10-06 03:20 - 2015-10-06 03:20 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-04 17:51

==================== End of FRST.txt ============================

[Momadice 0]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-10-2015
Ran by Cindy (2015-10-08 12:36:01)
Running from C:\Users\Cindy\Desktop
Windows 10 Home (X64) (2015-09-23 11:05:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-289153866-87266423-1255115157-500 - Administrator - Disabled)
Cindy (S-1-5-21-289153866-87266423-1255115157-1001 - Administrator - Enabled) => C:\Users\Cindy
DefaultAccount (S-1-5-21-289153866-87266423-1255115157-503 - Limited - Disabled)
Guest (S-1-5-21-289153866-87266423-1255115157-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {9425001D-A331-13F4-34E6-D05C71B96A74}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AntiLogger Free version 1.8.2.198 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.198 - Zemana Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 en-US)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Watchtower Library 2013 - English (HKLM-x32\...\{004E8ED2-315C-4473-A934-032D5D7B3A02}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.17.116 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

23-09-2015 07:03:49 Windows Modules Installer
25-09-2015 12:19:16 Installed Microsoft Office Ultimate 2007
30-09-2015 08:35:13 Windows Modules Installer
06-10-2015 03:01:42 JRT Pre-Junkware Removal

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 07:04 - 2015-07-10 07:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5738E21C-808A-42FB-AD76-964848B19321} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {A7F80A41-5CB1-46C9-9FB0-960E245FBBDE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Loaded Modules (Whitelisted) ==============

2015-09-23 09:36 - 2015-07-14 22:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-23 09:37 - 2015-08-11 05:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-10-02 13:03 - 2015-09-17 02:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-10-02 13:03 - 2015-09-17 02:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-09-30 15:13 - 2015-09-30 15:13 - 00118640 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-10-02 13:02 - 2015-09-17 01:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-02 13:03 - 2015-09-17 01:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-02 13:02 - 2015-09-17 01:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-02 13:02 - 2015-09-17 01:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-02 13:03 - 2015-09-17 01:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-03 13:01 - 2015-10-03 13:02 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-03 13:01 - 2015-10-03 13:02 - 10814464 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-09-23 07:57 - 2015-09-23 07:57 - 03495936 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-09-30 14:16 - 2015-09-30 14:16 - 08395776 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-09-30 14:16 - 2015-09-30 14:16 - 02311680 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\ATI Technologies:Win32App
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App
AlternateDataStreams: C:\Program Files (x86)\Emsisoft Anti-Malware:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Office:Win32App
AlternateDataStreams: C:\Program Files (x86)\Mozilla Firefox:Win32App
AlternateDataStreams: C:\Program Files (x86)\MSBuild:Win32App
AlternateDataStreams: C:\Program Files (x86)\Zemana AntiLogger Free:Win32App
AlternateDataStreams: C:\Program Files (x86)\Zemana AntiMalware:Win32App
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AutorunsDisabled => "AlternateShell"="cmd.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\18799763.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\41428810.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\77693921.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\89222781.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\93810413.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\18799763.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\41428810.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\77693921.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\89222781.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\93810413.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-289153866-87266423-1255115157-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B88F38E6-04E3-4D1B-9ACE-64B185A54A86}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{82ACE307-42F6-4D91-A29F-FF83BF5B8E8A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3BFCD5E2-3BD3-47D2-97FD-C9E487BC1858}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{19DFC7DA-3E73-4624-B2BE-56EFDB947434}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{945ABB44-FDD9-4F03-AEBB-EF1418051547}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FE97FAE0-4328-4266-A07E-370DB409116D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0ACAA892-275F-4FF9-A494-141C69BEAE4C}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/08/2015 12:14:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (10/08/2015 12:14:06 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (10/08/2015 12:09:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettingsBroker.exe, version: 10.0.10240.16384, time stamp: 0x559f39c2
Faulting module name: KERNELBASE.dll, version: 10.0.10240.16384, time stamp: 0x559f38c3
Exception code: 0xe06d7363
Fault offset: 0x000000000002a1c8
Faulting process id: 0x1d7c
Faulting application start time: 0xSystemSettingsBroker.exe0
Faulting application path: SystemSettingsBroker.exe1
Faulting module path: SystemSettingsBroker.exe2
Report Id: SystemSettingsBroker.exe3
Faulting package full name: SystemSettingsBroker.exe4
Faulting package-relative application ID: SystemSettingsBroker.exe5

Error: (10/07/2015 11:57:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853
Faulting module name: WS2_32.dll, version: 10.0.10240.16384, time stamp: 0x559f3898
Exception code: 0xc0000005
Fault offset: 0x000000000000b900
Faulting process id: 0x2f08
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (10/07/2015 11:56:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853
Faulting module name: WS2_32.dll, version: 10.0.10240.16384, time stamp: 0x559f3898
Exception code: 0xc0000005
Fault offset: 0x000000000000b900
Faulting process id: 0x1458
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (10/07/2015 11:53:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853
Faulting module name: WS2_32.dll, version: 10.0.10240.16384, time stamp: 0x559f3898
Exception code: 0xc0000005
Fault offset: 0x000000000000b900
Faulting process id: 0x23d8
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (10/07/2015 11:51:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853
Faulting module name: WS2_32.dll, version: 10.0.10240.16384, time stamp: 0x559f3898
Exception code: 0xc0000005
Fault offset: 0x000000000000b900
Faulting process id: 0x2e08
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (10/07/2015 11:44:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853
Faulting module name: WS2_32.dll, version: 10.0.10240.16384, time stamp: 0x559f3898
Exception code: 0xc0000005
Fault offset: 0x000000000000b900
Faulting process id: 0x31a8
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (10/07/2015 11:44:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853
Faulting module name: WS2_32.dll, version: 10.0.10240.16384, time stamp: 0x559f3898
Exception code: 0xc0000005
Fault offset: 0x000000000000b900
Faulting process id: 0x25a8
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (10/07/2015 06:09:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19759469


System errors:
=============
Error: (10/08/2015 01:36:20 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000133 (0x0000000000000001, 0x0000000000001e00, 0x0000000000000000, 0x0000000000000000)C:\Windows\Minidump\100815-20828-01.dmp100815-20828-01

Error: (10/08/2015 01:36:20 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:13:01 AM on ‎2015-‎10-‎08 was unexpected.

Error: (10/08/2015 12:37:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

 Code: 8 0x0 0x0

Error: (10/08/2015 12:37:31 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

 Code: 4 0x0 0x0

Error: (10/08/2015 12:37:31 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

 Code: 1 0xc 0x4

Error: (10/08/2015 12:15:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (10/08/2015 12:15:58 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Cindy\AppData\Local\Temp\ehdrv.sys

Error: (10/08/2015 12:15:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (10/08/2015 12:15:58 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Cindy\AppData\Local\Temp\ehdrv.sys

Error: (10/08/2015 12:15:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275


CodeIntegrity:
===================================
  Date: 2015-10-06 14:00:21.692
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD A4-6210 APU with AMD Radeon R3 Graphics
Percentage of memory in use: 66%
Total physical RAM: 3543.26 MB
Available physical RAM: 1185.01 MB
Total Virtual: 3991.26 MB
Available Virtual: 1078.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.62 GB) (Free:205.75 GB) NTFS
Drive d: (Back Up Partition) (Fixed) (Total:213.14 GB) (Free:204.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

[Momadice 0]

I  cannot locate the file.  I am not sure why.  I started the application called "sticky notes" - the windows app and that is when I received the warning.  I'm not sure if it is relevant but I was having significant problems loggg into and posting to this site using edge, so I switched for firefox.  I was also having significant problems downloading farbar.  Anyway, its a warning that I have never received before, and I was following the instructions.

 

I did upload the exe file of stiky notes and virus total gave it a thumbs up.

 

As I cannot find the file (runtime file) upload to virus total do you have any other suggestions?

[Elise 277]

Can you post me the link to the Virustotal scan results? Based on that data I can whitelist the file.

 

I've seen a few more reports for this same file, this is nothing to worry about, it is not malicious. 

 

Edge unfortunately still has some issues and does not always work well with all sites.

[Momadice 0]

As requested:

 

https://www.virustotal.com/en/file/293d25d572c10312f4ac850870976360f7c3ff8274c7091a3cf14fb2f2e1bf4c/analysis/

 

I hope this is what you were after.  If it is not, let me know and I will try again.

[Kevin Zoll 309]

Hello momadice,

That appears to be a false positive detection by our behavior blocker.

[Momadice 0]

Thank you for checking that out for me.

[Kevin Zoll 309]

You are welcome.

[Kevin Zoll 309]

Thread Closed

Reason: Resolved

The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE, if you don't we are just going to send you back to this thread.