Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015 Ran by Alina (administrator) on ALINKA on 25-06-2015 21:20:37 Running from C:\Users\Alina\Downloads\fix Loaded Profiles: Alina (Available Profiles: Alina) Platform: Windows 8.1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2015-06-25] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-06-25] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2015-06-25] (Synaptics Incorporated) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET) HKLM\...\Run: [TNOD UP] => C:\Program Files\TNod User & Password Finder\TNODUP.exe [1024748 2013-07-01] (Tukero[X]Team) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-1304424282-937763637-458994368-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1720584 2015-02-09] (CyberLink Corp.) HKU\S-1-5-21-1304424282-937763637-458994368-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 Startup: C:\Users\Alina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 1510 series.lnk [2015-03-13] ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1304424282-937763637-458994368-1002\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150313 HKU\S-1-5-21-1304424282-937763637-458994368-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPALL14/175 SearchScopes: HKLM -> {C0AEEC99-925B-4758-86CC-779F7E340798} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {C0AEEC99-925B-4758-86CC-779F7E340798} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1304424282-937763637-458994368-1002 -> {C0AEEC99-925B-4758-86CC-779F7E340798} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\s07xx2ul.default FF Homepage: www.wp.pl/?src01=dp220150313 FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Extension: Strong Signal - C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\s07xx2ul.default\Extensions\{38557805-f7a3-4a68-ba6e-ee08fbcdb280}.xpi [2015-03-13] FF Extension: Adblock Plus - C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\s07xx2ul.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-11] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-09-25] () [File not signed] R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-25] (Advanced Micro Devices, Inc.) [File not signed] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [322176 2014-07-28] (Windows (R) Win 7 DDK provider) [File not signed] S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed] R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET) R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2015-06-25] (Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2015-06-25] (Synaptics Incorporated) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2014-12-22] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET) S0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-10-10] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET) R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2014-10-10] (ESET) R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2014-10-10] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-10-10] (ESET) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-25] (Realtek Semiconductor Corp.) S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-10-01] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-10-01] (Synaptics Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-25 21:17 - 2015-06-25 21:20 - 00000000 ____D C:\FRST 2015-06-25 21:16 - 2015-06-25 21:20 - 00000000 ____D C:\Users\Alina\Downloads\fix 2015-06-25 20:51 - 2015-06-25 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder 2015-06-25 20:51 - 2015-06-25 20:51 - 00000000 ____D C:\Program Files\TNod User & Password Finder 2015-06-25 20:49 - 2015-06-25 20:49 - 00000000 ____D C:\Users\Alina\AppData\Roaming\ESET 2015-06-25 20:49 - 2015-06-25 20:49 - 00000000 ____D C:\Users\Alina\AppData\Local\ESET 2015-06-25 20:44 - 2015-06-25 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2015-06-25 20:44 - 2015-06-25 20:44 - 00000000 ____D C:\ProgramData\ESET 2015-06-25 20:44 - 2015-06-25 20:44 - 00000000 ____D C:\Program Files\ESET 2015-06-25 19:49 - 2015-06-25 19:49 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2015-06-25 19:49 - 2015-06-25 19:49 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2015-06-25 19:33 - 2015-06-25 19:33 - 00000000 ____D C:\Users\Alina\AppData\Local\GWX 2015-06-25 12:29 - 2015-06-25 12:29 - 00750320 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll 2015-06-25 12:29 - 2015-06-25 12:29 - 00546032 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys 2015-06-25 12:29 - 2015-06-25 12:29 - 00407280 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll 2015-06-25 12:29 - 2015-06-25 12:29 - 00255216 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll 2015-06-25 12:29 - 2015-06-25 12:29 - 00208624 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo20.dll 2015-06-25 12:21 - 2015-06-25 12:18 - 68045824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2015-06-25 12:21 - 2015-06-25 12:18 - 04264536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2015-06-25 12:21 - 2015-06-25 12:18 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2015-06-25 12:21 - 2015-06-25 12:18 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2015-06-25 12:21 - 2015-06-25 12:18 - 02850008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2015-06-25 12:21 - 2015-06-25 12:18 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2015-06-25 12:21 - 2015-06-25 12:18 - 01411096 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll 2015-06-25 12:21 - 2015-06-25 12:18 - 01330751 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2015-06-25 12:21 - 2015-06-25 12:18 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2015-06-25 12:21 - 2015-06-25 12:18 - 00957144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2015-06-25 12:21 - 2015-06-25 12:18 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2015-06-25 12:21 - 2015-06-25 12:18 - 00451096 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll 2015-06-25 12:21 - 2015-06-25 12:18 - 00366104 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll 2015-06-25 12:21 - 2015-06-25 12:18 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2015-06-25 12:21 - 2015-06-25 12:17 - 01531584 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2015-06-25 12:21 - 2015-06-25 12:17 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2015-06-25 12:11 - 2015-06-25 12:10 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll 2015-06-25 12:09 - 2015-06-25 12:10 - 00000000 ____D C:\Program Files\Common Files\QCA_Bluetooth 2015-06-25 11:57 - 2015-06-25 11:57 - 00003166 _____ C:\Windows\System32\Tasks\YCMServiceAgent 2015-06-25 11:57 - 2014-01-28 05:58 - 00041704 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys 2015-06-25 11:03 - 2015-06-25 11:03 - 00000000 ____D C:\Program Files\Common Files\Atheros 2015-06-25 10:58 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-06-25 10:58 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-06-25 10:56 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys 2015-06-25 10:56 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys 2015-06-25 10:56 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll 2015-06-25 10:56 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll 2015-06-25 10:54 - 2015-06-25 10:54 - 00000000 ___HD C:\ProgramData\CanonBJ 2015-06-25 10:54 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAU.DLL 2015-06-25 10:52 - 2015-05-16 00:01 - 00133288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-06-25 10:52 - 2015-05-15 23:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-06-25 10:52 - 2015-05-15 22:47 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-06-25 10:52 - 2015-05-15 22:23 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-06-25 10:52 - 2015-05-15 21:42 - 03682304 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-06-25 10:52 - 2015-05-15 21:32 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-06-25 10:52 - 2015-05-15 21:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-06-25 10:52 - 2015-05-15 21:28 - 02223104 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-06-25 10:52 - 2015-05-15 21:28 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-06-25 10:52 - 2015-05-15 21:28 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-06-25 10:52 - 2015-05-15 21:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-06-25 10:52 - 2015-05-15 21:21 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-06-25 10:52 - 2015-05-15 21:21 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-06-25 10:52 - 2015-05-15 21:19 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-06-25 10:52 - 2015-05-15 21:19 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-06-25 10:52 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll 2015-06-25 10:52 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll 2015-06-25 10:52 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-06-25 10:51 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2015-06-25 10:51 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-06-25 10:51 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2015-06-25 10:51 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-06-25 10:51 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2015-06-25 10:51 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-06-25 10:51 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-06-25 10:51 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2015-06-25 10:51 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2015-06-25 10:51 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe 2015-06-25 10:51 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2015-06-25 10:51 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll 2015-06-25 10:51 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll 2015-06-25 10:51 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys 2015-06-25 10:51 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys 2015-06-25 10:51 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys 2015-06-25 10:51 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys 2015-06-25 10:51 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys 2015-06-25 10:51 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys 2015-06-25 10:50 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll 2015-06-25 10:49 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-06-25 10:49 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2015-06-25 10:49 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2015-06-25 10:49 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2015-06-25 10:49 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls 2015-06-25 10:49 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls 2015-06-25 10:48 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll 2015-06-25 10:48 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2015-06-25 10:48 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2015-06-25 10:47 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2015-06-25 10:47 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2015-06-25 10:47 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2015-06-25 10:47 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2015-06-25 10:47 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2015-06-25 10:47 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-06-25 10:47 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2015-06-25 10:47 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-06-25 10:47 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2015-06-25 10:47 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys 2015-06-25 10:47 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2015-06-25 10:47 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-06-25 10:47 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-06-25 10:47 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll 2015-06-25 10:47 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-06-25 10:47 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll 2015-06-25 10:47 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-06-25 10:47 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll 2015-06-25 10:47 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-06-25 10:47 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys 2015-06-25 10:47 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2015-06-25 10:47 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp 2015-06-25 10:47 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll 2015-06-25 10:47 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll 2015-06-25 10:47 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll 2015-06-25 10:47 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp 2015-06-25 10:47 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll 2015-06-25 10:47 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll 2015-06-25 10:47 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll 2015-06-25 10:47 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2015-06-25 10:47 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2015-06-25 10:47 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll 2015-06-25 10:47 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll 2015-06-25 10:47 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe 2015-06-25 10:47 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2015-06-25 10:47 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2015-06-25 10:47 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL 2015-06-25 10:47 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL 2015-06-25 10:47 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll 2015-06-25 10:47 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2015-06-25 10:47 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2015-06-25 10:47 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2015-06-25 10:47 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL 2015-06-25 10:47 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL 2015-06-25 10:47 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll 2015-06-25 10:47 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll 2015-06-25 10:47 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2015-06-25 10:47 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2015-06-25 10:47 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll 2015-06-25 10:47 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll 2015-06-25 10:47 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys 2015-06-25 10:47 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe 2015-06-25 10:47 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2015-06-25 10:47 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2015-06-25 10:47 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-06-25 10:47 - 2014-10-29 05:05 - 00551232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2015-06-25 10:47 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2015-06-25 10:47 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2015-06-25 10:47 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll 2015-06-25 10:47 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll 2015-06-25 10:47 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll 2015-06-25 10:47 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll 2015-06-25 10:47 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll 2015-06-25 10:47 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2015-06-25 10:47 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll 2015-06-25 10:47 - 2014-10-17 06:56 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys 2015-06-25 10:47 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2015-06-25 10:44 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll 2015-06-25 10:44 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-06-25 10:44 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml 2015-06-25 10:43 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2015-06-25 10:43 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2015-06-25 10:24 - 2015-06-25 10:24 - 583759950 _____ C:\Windows\MEMORY.DMP 2015-06-25 10:24 - 2015-06-25 10:24 - 00387696 _____ C:\Windows\Minidump\062515-32984-01.dmp 2015-06-25 10:24 - 2015-06-25 10:24 - 00000000 ____D C:\Windows\Minidump 2015-06-25 09:39 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-06-22 11:19 - 2015-06-25 10:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-06-19 10:17 - 2015-06-19 10:18 - 00000000 ___SD C:\Windows\system32\GWX 2015-06-19 10:17 - 2015-06-19 10:17 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-06-10 18:17 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll 2015-06-10 18:17 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-06-10 18:17 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-06-10 18:17 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-06-10 18:16 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-10 18:16 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-10 18:16 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-10 18:16 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-10 18:16 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-10 18:16 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-10 18:16 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-10 18:16 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-10 18:16 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll 2015-06-10 18:16 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll 2015-06-10 18:15 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-10 18:15 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-10 18:15 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS 2015-06-10 18:15 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll 2015-06-10 18:15 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll 2015-06-10 18:15 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll 2015-06-10 18:15 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll 2015-06-10 18:15 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll 2015-06-10 18:15 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2015-06-10 18:15 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2015-06-10 18:15 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2015-06-10 18:15 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2015-06-10 18:15 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2015-06-10 18:15 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2015-06-10 18:15 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2015-06-10 18:15 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2015-06-10 18:15 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2015-06-10 18:15 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2015-06-10 18:15 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2015-06-10 18:15 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2015-06-10 18:15 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2015-06-10 11:24 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 11:24 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-06-10 11:24 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-06-10 11:24 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-06-10 11:24 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-06-10 11:24 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-06-10 11:24 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-06-10 11:24 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-06-10 11:24 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-06-10 11:24 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-06-10 11:24 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-06-10 11:24 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-06-10 11:24 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-06-10 11:24 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-06-10 11:24 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-06-10 11:24 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-06-10 11:24 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-06-10 11:24 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-06-10 11:24 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-06-10 11:24 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-06-10 11:24 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 11:24 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 11:24 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 11:24 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 11:24 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 11:24 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 11:24 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-10 11:24 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 11:24 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-06-10 11:24 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 11:24 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-06-10 11:24 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-06-10 11:24 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-10 11:24 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 11:24 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 11:24 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 11:24 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 11:24 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-06-10 11:24 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 11:24 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-10 11:23 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-10 11:19 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-10 11:19 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-25 21:18 - 2015-03-11 17:57 - 01915354 _____ C:\Windows\WindowsUpdate.log 2015-06-25 21:11 - 2015-04-11 15:11 - 00003160 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAlina 2015-06-25 21:11 - 2015-04-11 15:11 - 00000346 _____ C:\Windows\Tasks\HPCeeScheduleForAlina.job 2015-06-25 21:10 - 2015-03-13 19:04 - 00000000 ____D C:\Users\Alina\AppData\Roaming\ClassicShell 2015-06-25 21:01 - 2015-03-11 18:09 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1304424282-937763637-458994368-1002 2015-06-25 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-06-25 20:41 - 2013-11-10 07:00 - 00839840 _____ C:\Windows\system32\perfh015.dat 2015-06-25 20:41 - 2013-11-10 07:00 - 00179982 _____ C:\Windows\system32\perfc015.dat 2015-06-25 20:41 - 2013-08-26 08:09 - 01967966 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-25 20:39 - 2013-08-22 16:46 - 00034666 _____ C:\Windows\setupact.log 2015-06-25 20:34 - 2015-03-11 18:05 - 00000000 ____D C:\Users\Alina\Documents\Youcam 2015-06-25 20:33 - 2015-03-31 12:56 - 00000000 ___DO C:\Users\Alina\OneDrive 2015-06-25 20:32 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-25 20:31 - 2013-08-22 16:44 - 00487416 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-25 20:29 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-06-25 20:24 - 2015-03-11 18:55 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-25 20:15 - 2013-11-09 23:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-06-25 20:04 - 2013-08-22 15:25 - 00000199 _____ C:\Windows\win.ini 2015-06-25 19:50 - 2015-03-11 19:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Works 2015-06-25 19:19 - 2015-03-23 16:00 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log 2015-06-25 19:19 - 2014-01-13 18:20 - 00000000 ___HD C:\Program Files (x86)\Temp 2015-06-25 19:14 - 2014-01-13 18:21 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2015-06-25 19:12 - 2013-09-01 05:49 - 00000000 ____D C:\SWSetup 2015-06-25 19:03 - 2015-03-11 18:16 - 00003976 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B6FDDDEC-41FA-4AFD-AA4C-9A53DB384C8E} 2015-06-25 12:58 - 2015-03-11 18:05 - 00000000 ____D C:\Users\Alina\AppData\Local\CyberLink 2015-06-25 12:58 - 2014-01-13 18:33 - 00000000 ____D C:\Users\Public\CyberLink 2015-06-25 12:56 - 2014-01-13 18:27 - 00000000 ____D C:\Program Files (x86)\CyberLink 2015-06-25 12:55 - 2014-01-13 18:30 - 00000000 ____D C:\ProgramData\CyberLink 2015-06-25 12:46 - 2014-01-13 18:33 - 00000000 ____D C:\Users\Public\Documents\CyberLink 2015-06-25 12:35 - 2014-01-13 18:18 - 00013864 _____ C:\Windows\DPINST.LOG 2015-06-25 12:35 - 2014-01-13 18:18 - 00001336 _____ C:\Windows\Synaptics.log 2015-06-25 12:14 - 2014-01-13 18:20 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2015-06-25 12:11 - 2014-01-13 18:20 - 00000000 ____D C:\Windows\SysWOW64\sda 2015-06-25 12:11 - 2014-01-13 18:19 - 00000000 ____D C:\Program Files (x86)\Realtek 2015-06-25 12:09 - 2014-01-13 18:23 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite 2015-06-25 12:04 - 2013-11-09 23:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-06-25 12:02 - 2013-11-09 22:31 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2015-06-25 12:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports 2015-06-25 12:01 - 2014-01-13 18:24 - 00000000 ____D C:\Windows\Hewlett-Packard 2015-06-25 11:57 - 2014-01-13 18:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat 2015-06-25 11:22 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-06-25 11:20 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2015-06-25 11:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore 2015-06-25 11:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup 2015-06-25 11:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\inetsrv 2015-06-25 11:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\setup 2015-06-25 11:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\inetsrv 2015-06-25 10:34 - 2015-03-11 18:03 - 00000000 ____D C:\Users\Alina 2015-06-25 10:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-06-25 10:31 - 2015-03-11 18:04 - 00000000 ____D C:\Users\Alina\AppData\Local\Packages 2015-06-25 10:24 - 2014-01-13 18:35 - 00000000 ____D C:\ProgramData\McAfee 2015-06-25 10:24 - 2014-01-13 18:35 - 00000000 ____D C:\Program Files\Common Files\mcafee 2015-06-25 10:24 - 2014-01-13 18:35 - 00000000 ____D C:\Program Files (x86)\McAfee 2015-06-25 10:23 - 2015-03-11 18:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-06-25 10:23 - 2013-08-26 08:01 - 00492862 _____ C:\Windows\PFRO.log 2015-06-25 09:54 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2015-06-25 09:52 - 2013-11-09 23:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2015-06-25 09:41 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-06-24 11:17 - 2014-01-13 18:17 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2015-06-20 05:02 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-06-20 05:02 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-18 07:38 - 2015-04-11 16:49 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-18 07:38 - 2015-04-11 16:49 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-14 09:12 - 2015-03-24 18:41 - 00000000 ____D C:\Windows\system32\MRT 2015-06-14 09:08 - 2015-03-24 18:41 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-06-10 18:32 - 2015-04-12 14:26 - 00000000 __SHD C:\Users\Alina\AppData\Local\EmieUserList 2015-06-10 18:32 - 2015-04-12 14:26 - 00000000 __SHD C:\Users\Alina\AppData\Local\EmieSiteList 2015-06-10 18:32 - 2015-04-12 14:26 - 00000000 __SHD C:\Users\Alina\AppData\Local\EmieBrowserModeList 2015-06-10 17:45 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-06-10 17:10 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-06-08 17:27 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel ==================== Files in the root of some directories ======= 2015-03-13 18:37 - 2015-03-13 18:37 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP: ==================== C:\Users\Alina\AppData\Local\Temp\Extract.exe C:\Users\Alina\AppData\Local\Temp\InstHelper.exe C:\Users\Alina\AppData\Local\Temp\mccspuninstall.exe C:\Users\Alina\AppData\Local\Temp\SP69199.exe C:\Users\Alina\AppData\Local\Temp\SP69619.exe C:\Users\Alina\AppData\Local\Temp\SP69624.exe C:\Users\Alina\AppData\Local\Temp\SP69626.exe C:\Users\Alina\AppData\Local\Temp\SP69840.exe C:\Users\Alina\AppData\Local\Temp\SP70598.exe C:\Users\Alina\AppData\Local\Temp\SP70781.exe C:\Users\Alina\AppData\Local\Temp\SP70821.exe C:\Users\Alina\AppData\Local\Temp\SP70822.exe C:\Users\Alina\AppData\Local\Temp\SP70823.exe C:\Users\Alina\AppData\Local\Temp\SP70869.exe C:\Users\Alina\AppData\Local\Temp\SP71156.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-25 12:15 ==================== End of log ============================