Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-09-2015 01 Ran by Américo (administrator) on CODEQ (07-09-2015 13:04:39) Running from C:\Users\Américo\Downloads Loaded Profiles: Américo & (Available Profiles: Américo) Platform: Windows 8.1 (X64) Language: Português (Portugal) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (KoshyJohn.com) C:\Users\Américo\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe (TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (ShareX Team) C:\Program Files\ShareX\ShareX.exe () C:\Program Files\AutoHotkey\AutoHotkey.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaw.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamresearch.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [] => [X] HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation) HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated) HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.) HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA) HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-09-07] (AVAST Software) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3592306595-23714473-1056629956-1001\...\Run: [Memory Cleaner] => C:\Users\Américo\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [762984 2014-12-03] (KoshyJohn.com) HKU\S-1-5-21-3592306595-23714473-1056629956-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-3592306595-23714473-1056629956-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.) HKU\S-1-5-21-3592306595-23714473-1056629956-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-02] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3592306595-23714473-1056629956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Memory Cleaner] => C:\Users\Américo\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [762984 2014-12-03] (KoshyJohn.com) HKU\S-1-5-21-3592306595-23714473-1056629956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-3592306595-23714473-1056629956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.) HKU\S-1-5-21-3592306595-23714473-1056629956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-02] (Sandboxie Holdings, LLC) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-07] (AVAST Software) Startup: C:\Users\Américo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2015-09-01] ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C084C59A-DA93-4D85-AA98-003B2C8BB353}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-3592306595-23714473-1056629956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3592306595-23714473-1056629956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB HKU\S-1-5-21-3592306595-23714473-1056629956-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c HKU\S-1-5-21-3592306595-23714473-1056629956-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c HKU\S-1-5-21-3592306595-23714473-1056629956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3592306595-23714473-1056629956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB HKU\S-1-5-21-3592306595-23714473-1056629956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c HKU\S-1-5-21-3592306595-23714473-1056629956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3592306595-23714473-1056629956-1001 -> DefaultScope {1922C388-4302-47CB-B499-579143A76A52} URL = SearchScopes: HKU\S-1-5-21-3592306595-23714473-1056629956-1001 -> {1922C388-4302-47CB-B499-579143A76A52} URL = SearchScopes: HKU\S-1-5-21-3592306595-23714473-1056629956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {1922C388-4302-47CB-B499-579143A76A52} URL = SearchScopes: HKU\S-1-5-21-3592306595-23714473-1056629956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1922C388-4302-47CB-B499-579143A76A52} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-07] (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-07] (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Américo\AppData\Roaming\Mozilla\Firefox\Profiles\ffq67bq3.default FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-31] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-11] () FF Extension: uBlock Origin - C:\Users\Américo\AppData\Roaming\Mozilla\Firefox\Profiles\ffq67bq3.default\Extensions\uBlock0@raymondhill.net.xpi [2015-09-03] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-07] Chrome: ======= CHR Profile: C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-31] CHR Extension: (BetterTTV) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-09-01] CHR Extension: (Google Docs) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-31] CHR Extension: (Google Drive) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-31] CHR Extension: (YouTube) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-31] CHR Extension: (Google Search) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-31] CHR Extension: (Google Sheets) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-31] CHR Extension: (Google Docs Offline) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05] CHR Extension: (AdBlock) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-09-01] CHR Extension: (ReChat for Twitch™) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2015-09-03] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-01] CHR Extension: (Chrome Web Store Payments) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-31] CHR Extension: (Gmail) - C:\Users\Américo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-31] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-07] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows (R) Win 7 DDK provider) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-07] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-09-07] (Avast Software) R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] () R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-02] (Sandboxie Holdings, LLC) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed] S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-07] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-07] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-07] (AVAST Software) S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-07] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-09-07] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-09-07] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-09-07] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-07] (AVAST Software) S3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation) S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-07] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.) R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-09-07] (AVAST Software) R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation ) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [191112 2015-09-02] (Sandboxie Holdings, LLC) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-21] (Synaptics Incorporated) R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-09-07] (Avast Software) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-07 13:01 - 2015-09-07 13:04 - 00033236 _____ C:\Users\Américo\Downloads\Addition.txt 2015-09-07 12:55 - 2015-09-07 13:04 - 00021530 _____ C:\Users\Américo\Downloads\FRST.txt 2015-09-07 12:54 - 2015-09-07 13:04 - 00000000 ____D C:\FRST 2015-09-07 12:53 - 2015-09-07 12:53 - 02190336 _____ (Farbar) C:\Users\Américo\Downloads\FRST64.exe 2015-09-07 12:15 - 2015-09-07 12:15 - 00000000 ____D C:\ProgramData\Lavasoft 2015-09-07 12:08 - 2015-09-07 12:14 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox 2015-09-07 12:08 - 2015-09-07 12:14 - 00000000 ____D C:\WINDOWS\system32\vbox 2015-09-07 12:07 - 2015-09-07 12:07 - 00000000 ____D C:\Users\Américo\AppData\Roaming\AVAST Software 2015-09-07 12:05 - 2015-09-07 12:05 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-09-07 12:05 - 2015-09-07 12:05 - 00001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-09-07 12:05 - 2015-09-07 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-09-07 12:04 - 2015-09-07 12:05 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2015-09-07 12:04 - 2015-09-07 12:04 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-09-07 12:04 - 2015-09-07 12:04 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2015-09-07 12:04 - 2015-09-07 12:04 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-09-07 12:04 - 2015-09-07 12:04 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2015-09-07 12:04 - 2015-09-07 12:04 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2015-09-07 12:04 - 2015-09-07 12:04 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2015-09-07 12:04 - 2015-09-07 12:04 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-09-07 12:04 - 2015-09-07 12:04 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2015-09-07 12:04 - 2015-09-07 12:04 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-09-07 12:04 - 2015-09-07 12:03 - 01048856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1441652712781 2015-09-07 12:04 - 2015-09-07 12:03 - 00115152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys 2015-09-07 12:00 - 2015-09-07 12:00 - 00000000 ____D C:\Program Files\AVAST Software 2015-09-07 11:59 - 2015-09-07 11:59 - 02012464 _____ C:\Users\Américo\Downloads\Adaware_Installer.exe 2015-09-07 11:58 - 2015-09-07 11:59 - 00000000 ____D C:\ProgramData\AVAST Software 2015-09-07 11:58 - 2015-09-07 11:58 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Américo\Downloads\avast_free_antivirus_setup_online_cnet.exe 2015-09-07 11:36 - 2015-09-07 12:38 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-09-07 11:36 - 2015-09-07 11:36 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-09-07 11:36 - 2015-09-07 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-09-07 11:35 - 2015-09-07 11:35 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-07 11:35 - 2015-09-07 11:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-09-07 11:35 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-09-07 11:35 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-09-07 11:35 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-09-07 11:33 - 2015-09-07 11:33 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Américo\Downloads\mbam-setup-2.1.8.1057.exe 2015-09-06 09:05 - 2015-09-06 09:05 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2015-09-05 18:24 - 2015-08-13 18:50 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-09-05 18:24 - 2015-08-13 18:50 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-05 11:39 - 2015-09-05 11:39 - 00000000 ___RD C:\Sandbox 2015-09-05 11:38 - 2015-09-07 12:04 - 00001544 _____ C:\WINDOWS\Sandboxie.ini 2015-09-05 11:38 - 2015-09-05 11:38 - 00000919 _____ C:\Users\Américo\Desktop\Sandboxed Web Browser.lnk 2015-09-05 11:38 - 2015-09-05 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie 2015-09-05 11:38 - 2015-09-05 11:38 - 00000000 ____D C:\Program Files\Sandboxie 2015-09-05 11:36 - 2015-09-05 11:37 - 08514696 _____ (Sandboxie Holdings, LLC) C:\Users\Américo\Downloads\SandboxieInstall-501-13.exe 2015-09-05 11:36 - 2015-09-05 11:36 - 02364011 _____ C:\Users\Américo\Downloads\Euphoria RSPS (updated).jar 2015-09-05 01:38 - 2015-09-05 02:01 - 00000048 _____ C:\Users\Américo\jagex_cl_runescape_LIVE1.dat 2015-09-05 01:38 - 2015-09-05 01:38 - 00000000 ____D C:\Users\Américo\jagexcache1 2015-09-05 01:23 - 2015-09-05 02:01 - 00000047 _____ C:\Users\Américo\jagex_cl_runescape_LIVE.dat 2015-09-04 02:21 - 2015-09-04 02:21 - 00004286 _____ C:\Users\Américo\Downloads\cur192.cur 2015-09-03 00:43 - 2015-09-03 00:49 - 00000000 ____D C:\Users\Américo\AppData\Local\Mozilla 2015-09-03 00:43 - 2015-09-03 00:43 - 00001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-09-03 00:43 - 2015-09-03 00:43 - 00001170 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-09-03 00:43 - 2015-09-03 00:43 - 00000000 ____D C:\Users\Américo\AppData\Roaming\Mozilla 2015-09-03 00:43 - 2015-09-03 00:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-03 00:43 - 2015-09-03 00:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-09-03 00:41 - 2015-09-03 00:42 - 00242752 _____ C:\Users\Américo\Downloads\Firefox Setup Stub 40.0.3.exe 2015-09-03 00:09 - 2015-09-03 00:10 - 03589956 _____ C:\Users\Américo\Downloads\Windows6.0-KB942288-v2-ia64.msu 2015-09-03 00:09 - 2015-09-03 00:10 - 03086960 _____ C:\Users\Américo\Downloads\Windows6.0-KB942288-v2-x64.msu 2015-09-03 00:09 - 2015-09-03 00:10 - 01768236 _____ C:\Users\Américo\Downloads\Windows6.0-KB942288-v2-x86.msu 2015-09-03 00:09 - 2015-09-03 00:10 - 00001790 _____ C:\Users\Américo\Downloads\redist.txt 2015-09-03 00:09 - 2015-09-03 00:09 - 03327000 _____ C:\Users\Américo\Downloads\WindowsXP-KB942288-v3-x86.exe 2015-09-03 00:03 - 2015-09-03 00:03 - 00347816 _____ (Microsoft Corporation) C:\Users\Américo\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe 2015-09-03 00:01 - 2015-09-03 00:01 - 01005568 _____ (Microsoft Corporation) C:\Users\Américo\Downloads\dotNetFx45_Full_setup.exe 2015-09-03 00:00 - 2015-09-03 00:00 - 24018944 _____ C:\Users\Américo\Downloads\OldSchool (1).msi 2015-09-02 23:52 - 2015-09-02 23:52 - 24018944 _____ C:\Users\Américo\Downloads\OldSchool.msi 2015-09-02 22:54 - 2015-09-02 22:54 - 00000106 _____ C:\Users\Américo\Downloads\How to get your Ikov PIN unlocked (1).txt 2015-09-02 19:20 - 2015-09-02 19:27 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-09-02 19:20 - 2015-07-28 10:59 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-09-02 17:51 - 2015-09-02 17:52 - 02620903 _____ C:\Users\Américo\Downloads\v2-RC-Launcher (1).jar 2015-09-02 14:58 - 2013-12-20 03:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-09-02 14:58 - 2013-12-20 03:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-09-02 14:58 - 2013-10-03 02:16 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2015-09-02 14:58 - 2013-10-03 02:02 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2015-09-02 14:58 - 2013-10-02 04:00 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2015-09-02 14:58 - 2013-10-02 02:47 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2015-09-02 14:58 - 2013-09-30 20:42 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2015-09-02 14:58 - 2013-09-30 20:36 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2015-09-02 14:26 - 2014-01-07 18:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2015-09-02 14:26 - 2014-01-07 18:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2015-09-02 14:26 - 2014-01-02 16:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2015-09-02 14:26 - 2013-12-31 18:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-09-02 14:26 - 2013-12-31 18:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2015-09-02 14:26 - 2013-12-31 17:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-09-02 14:26 - 2013-12-31 17:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2015-09-02 14:26 - 2013-12-31 16:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-09-02 14:26 - 2013-12-31 16:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-02 14:26 - 2013-12-31 16:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-09-02 14:26 - 2013-12-30 16:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2015-09-02 14:26 - 2013-12-30 16:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2015-09-02 14:26 - 2013-12-27 08:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2015-09-02 14:26 - 2013-12-27 01:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2015-09-02 14:26 - 2013-12-27 01:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2015-09-02 14:26 - 2013-12-27 01:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2015-09-02 14:26 - 2013-12-27 00:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2015-09-02 14:26 - 2013-12-26 23:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2015-09-02 14:26 - 2013-12-21 00:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2015-09-02 14:26 - 2013-12-13 23:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-09-02 14:26 - 2013-12-13 23:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-09-02 14:26 - 2013-11-04 04:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-09-02 14:26 - 2013-11-03 18:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-09-02 14:26 - 2013-10-05 07:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2015-09-02 14:26 - 2013-10-05 07:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2015-09-02 14:26 - 2013-10-05 05:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2015-09-02 14:26 - 2013-10-05 05:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2015-09-02 14:25 - 2014-01-07 18:46 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-09-02 14:25 - 2014-01-04 08:54 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll 2015-09-02 14:25 - 2014-01-04 08:08 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll 2015-09-02 14:25 - 2014-01-04 07:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2015-09-02 14:25 - 2014-01-04 06:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2015-09-02 14:25 - 2014-01-02 16:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2015-09-02 14:25 - 2013-12-30 16:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll 2015-09-02 14:25 - 2013-12-30 16:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll 2015-09-02 14:25 - 2013-12-30 16:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2015-09-02 14:25 - 2013-12-27 00:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2015-09-02 14:25 - 2013-12-17 00:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2015-09-02 14:25 - 2013-12-13 03:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2015-09-02 14:25 - 2013-12-12 23:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2015-09-02 14:25 - 2013-12-12 22:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2015-09-02 14:25 - 2013-09-25 23:51 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2015-09-02 14:25 - 2013-09-25 23:34 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll 2015-09-02 14:25 - 2013-09-25 23:34 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll 2015-09-02 14:24 - 2013-09-25 03:25 - 00783504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2015-09-02 14:24 - 2013-09-25 01:58 - 00648648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2015-09-02 14:24 - 2013-09-23 22:54 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-09-02 14:24 - 2013-09-23 22:10 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-09-02 14:24 - 2013-09-23 22:05 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2015-09-02 14:24 - 2013-09-23 20:56 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll 2015-09-02 14:24 - 2013-09-21 05:10 - 00579416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2015-09-02 14:24 - 2013-09-21 05:10 - 00236376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2015-09-02 14:24 - 2013-09-21 05:10 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2015-09-02 14:24 - 2013-09-21 04:50 - 00528048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-09-02 14:24 - 2013-09-21 04:48 - 00534048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2015-09-02 14:24 - 2013-09-21 04:48 - 00123480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2015-09-02 14:24 - 2013-09-21 03:56 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2015-09-02 14:24 - 2013-09-21 03:53 - 01534504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2015-09-02 14:24 - 2013-09-21 03:53 - 00996320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2015-09-02 14:24 - 2013-09-21 03:53 - 00934856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2015-09-02 14:24 - 2013-09-21 03:53 - 00366688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2015-09-02 14:24 - 2013-09-21 03:45 - 00171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2015-09-02 14:24 - 2013-09-21 02:23 - 00427096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2015-09-02 14:24 - 2013-09-21 02:23 - 00098104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2015-09-02 14:24 - 2013-09-21 02:12 - 01092896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2015-09-02 14:24 - 2013-09-21 02:09 - 00796928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-09-02 14:24 - 2013-09-21 02:09 - 00312936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2015-09-02 14:24 - 2013-09-21 00:58 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2015-09-02 14:24 - 2013-09-21 00:57 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2015-09-02 14:24 - 2013-09-21 00:55 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2015-09-02 14:24 - 2013-09-21 00:50 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2015-09-02 14:24 - 2013-09-21 00:17 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2015-09-02 14:24 - 2013-09-20 23:55 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2015-09-02 14:24 - 2013-09-20 23:33 - 11366912 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2015-09-02 14:24 - 2013-09-20 22:59 - 00940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-09-02 14:24 - 2013-09-20 22:57 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\livessp.dll 2015-09-02 14:24 - 2013-09-20 22:56 - 08712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2015-09-02 14:24 - 2013-09-20 22:43 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2015-09-02 14:24 - 2013-09-20 22:38 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-09-02 14:24 - 2013-09-20 22:34 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2015-09-02 14:24 - 2013-09-20 22:31 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-09-02 14:24 - 2013-09-20 22:26 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2015-09-02 14:24 - 2013-09-20 22:10 - 12028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2015-09-02 14:24 - 2013-09-20 22:05 - 08875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2015-09-02 14:24 - 2013-09-20 21:44 - 01662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-02 14:24 - 2013-09-20 21:39 - 01455616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-02 14:24 - 2013-09-20 21:36 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll 2015-09-02 14:24 - 2013-09-18 23:17 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx 2015-09-02 14:24 - 2013-09-18 22:08 - 01150976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2015-09-02 14:24 - 2013-09-18 22:01 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2015-09-02 14:24 - 2013-09-18 21:37 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2015-09-02 14:24 - 2013-09-18 21:32 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll 2015-09-02 14:24 - 2013-09-18 21:27 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll 2015-09-02 14:24 - 2013-09-18 21:27 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2015-09-02 14:24 - 2013-09-18 21:11 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll 2015-09-02 14:24 - 2013-09-18 21:10 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2015-09-02 14:24 - 2013-09-18 20:59 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2015-09-02 14:24 - 2013-09-18 20:55 - 00552448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll 2015-09-02 14:24 - 2013-09-18 20:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-02 14:24 - 2013-09-18 20:32 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-02 14:24 - 2013-09-17 02:18 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-09-02 14:24 - 2013-09-16 22:00 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2015-09-02 14:24 - 2013-09-13 05:14 - 00872328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-09-02 14:24 - 2013-09-13 03:52 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-09-02 14:24 - 2013-09-13 01:54 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2015-09-02 14:24 - 2013-09-13 00:55 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2015-09-02 14:24 - 2013-09-12 00:37 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll 2015-09-02 14:24 - 2013-09-11 02:32 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys 2015-09-02 14:24 - 2013-09-07 05:44 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdprint.dll 2015-09-02 14:24 - 2013-09-07 04:07 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll 2015-09-02 14:24 - 2013-09-07 03:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2015-09-02 14:24 - 2013-09-07 03:51 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2015-09-02 14:24 - 2013-09-03 23:16 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2015-09-02 14:24 - 2013-09-03 22:47 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2015-09-02 14:24 - 2013-09-03 22:12 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCoreConfProv.dll 2015-09-02 14:24 - 2013-09-03 21:57 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2015-09-02 14:24 - 2013-09-03 21:48 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2015-09-02 14:24 - 2013-08-31 07:18 - 00205024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2015-09-02 14:24 - 2013-08-31 05:15 - 00180232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2015-09-02 14:24 - 2013-08-31 05:04 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\riched20.dll 2015-09-02 14:24 - 2013-08-28 00:49 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe 2015-09-02 14:24 - 2013-08-26 23:09 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2015-09-02 14:23 - 2013-09-26 02:20 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe 2015-09-02 14:23 - 2013-09-26 01:24 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-09-02 14:23 - 2013-09-26 00:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2015-09-02 14:23 - 2013-09-26 00:14 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2015-09-02 14:23 - 2013-09-25 00:32 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2015-09-02 14:23 - 2013-09-24 22:40 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2015-09-02 14:23 - 2013-09-23 23:55 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2015-09-02 14:23 - 2013-09-23 22:59 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe 2015-09-02 14:23 - 2013-09-20 23:01 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll 2015-09-02 14:23 - 2013-09-20 22:37 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2015-09-02 14:23 - 2013-09-20 22:20 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2015-09-02 14:23 - 2013-09-20 22:09 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll 2015-09-02 14:23 - 2013-09-20 22:02 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2015-09-02 14:23 - 2013-09-20 21:54 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2015-09-02 14:23 - 2013-09-20 21:38 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll 2015-09-02 14:23 - 2013-09-20 21:38 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2015-09-02 14:23 - 2013-09-20 21:37 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2015-09-02 14:23 - 2013-09-19 00:19 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersRes.dll 2015-09-02 14:23 - 2013-09-18 23:39 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll 2015-09-02 14:23 - 2013-09-18 23:27 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe 2015-09-02 14:23 - 2013-09-18 23:23 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WorkFoldersRes.dll 2015-09-02 14:23 - 2013-09-18 22:47 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.dll 2015-09-02 14:23 - 2013-09-18 22:29 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx 2015-09-02 14:23 - 2013-09-18 21:25 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2015-09-02 14:23 - 2013-09-16 23:58 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2015-09-02 14:23 - 2013-09-16 22:26 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2015-09-02 14:23 - 2013-09-16 22:15 - 01225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2015-09-02 14:23 - 2013-09-16 21:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2015-09-02 14:23 - 2013-09-16 21:08 - 00738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll 2015-09-02 14:23 - 2013-09-16 20:28 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll 2015-09-02 14:23 - 2013-09-14 07:06 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys 2015-09-02 14:23 - 2013-09-14 07:06 - 00066904 _____ (Microsoft Corporation) C:\WINDOWS\system32\PSHED.DLL 2015-09-02 14:23 - 2013-09-14 04:39 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2015-09-02 14:23 - 2013-09-13 02:52 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll 2015-09-02 14:23 - 2013-09-13 01:10 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-09-02 14:23 - 2013-09-13 00:30 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2015-09-02 14:23 - 2013-09-11 02:31 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2015-09-02 14:23 - 2013-09-11 02:31 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2015-09-02 14:23 - 2013-09-11 00:41 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2015-09-02 14:23 - 2013-09-11 00:09 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2015-09-02 14:23 - 2013-09-07 05:29 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll 2015-09-02 14:23 - 2013-09-07 05:00 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdprint.dll 2015-09-02 14:23 - 2013-09-07 04:50 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceCenter.dll 2015-09-02 14:23 - 2013-09-07 04:45 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2015-09-02 14:23 - 2013-09-07 04:30 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2015-09-02 14:23 - 2013-09-07 04:22 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2015-09-02 14:23 - 2013-09-07 04:13 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2015-09-02 14:23 - 2013-09-05 00:39 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2015-09-02 14:23 - 2013-09-04 23:42 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe 2015-09-02 14:23 - 2013-09-04 22:40 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe 2015-09-02 14:23 - 2013-09-04 00:01 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll 2015-09-02 14:23 - 2013-09-03 21:35 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2015-09-02 14:23 - 2013-08-31 03:46 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\riched20.dll 2015-09-02 14:23 - 2013-08-31 03:00 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll 2015-09-02 14:23 - 2013-08-31 02:25 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll 2015-09-02 14:23 - 2013-08-30 00:31 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll 2015-09-02 14:23 - 2013-08-28 00:55 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2015-09-02 14:23 - 2013-08-28 00:09 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll 2015-09-02 14:23 - 2013-08-26 22:24 - 00813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2015-09-02 14:22 - 2013-10-19 01:08 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-02 14:22 - 2013-10-18 23:37 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-02 14:21 - 2013-10-23 04:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll 2015-09-02 14:21 - 2013-10-22 00:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-09-02 14:21 - 2013-10-21 23:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-09-02 14:21 - 2013-10-21 22:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2015-09-02 14:21 - 2013-10-21 20:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2015-09-02 14:21 - 2013-10-21 19:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2015-09-02 14:21 - 2013-10-21 18:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2015-09-02 14:21 - 2013-10-18 23:02 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-02 14:21 - 2013-10-18 22:10 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-09-02 14:21 - 2013-10-18 21:52 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-02 14:21 - 2013-10-18 21:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2015-09-02 14:21 - 2013-10-18 21:44 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-09-02 14:21 - 2013-10-18 21:37 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-02 14:21 - 2013-10-18 21:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2015-09-02 14:21 - 2013-10-18 20:56 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-02 14:21 - 2013-10-18 20:53 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-09-02 14:21 - 2013-10-18 20:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-09-02 14:21 - 2013-10-18 20:23 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-09-02 14:21 - 2013-10-18 20:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-09-02 14:21 - 2013-10-18 20:09 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-09-02 14:21 - 2013-10-18 20:02 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-09-02 14:21 - 2013-10-16 02:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2015-09-02 14:21 - 2013-10-16 02:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2015-09-02 14:21 - 2013-10-12 19:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2015-09-02 14:21 - 2013-10-08 03:28 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2015-09-02 14:21 - 2013-10-07 22:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2015-09-02 14:21 - 2013-10-07 22:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2015-09-02 14:21 - 2013-10-07 22:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2015-09-02 14:21 - 2013-10-06 19:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-09-02 14:21 - 2013-10-05 07:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2015-09-02 14:21 - 2013-10-05 05:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2015-09-02 14:21 - 2013-10-05 02:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2015-09-02 14:21 - 2013-10-05 01:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-09-02 14:21 - 2013-10-05 01:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2015-09-02 14:21 - 2013-10-05 01:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-09-02 14:21 - 2013-10-05 00:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2015-09-02 14:21 - 2013-10-05 00:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2015-09-02 14:21 - 2013-10-04 01:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2015-09-02 14:21 - 2013-09-17 02:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2015-09-02 14:21 - 2013-09-17 02:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-09-02 14:21 - 2013-09-16 23:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2015-09-02 14:21 - 2013-09-14 07:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2015-09-02 14:21 - 2013-09-14 07:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2015-09-02 14:21 - 2013-09-14 05:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2015-09-02 14:21 - 2013-09-12 01:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2015-09-02 14:21 - 2013-09-12 00:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2015-09-02 14:20 - 2013-12-11 00:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2015-09-02 14:20 - 2013-10-23 04:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2015-09-02 14:20 - 2013-10-23 04:21 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2015-09-02 14:20 - 2013-10-21 21:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2015-09-02 14:20 - 2013-10-21 20:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2015-09-02 14:20 - 2013-10-21 19:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-09-02 14:20 - 2013-10-21 19:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-09-02 14:20 - 2013-10-18 22:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2015-09-02 14:20 - 2013-10-18 22:19 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-09-02 14:20 - 2013-10-18 21:31 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-09-02 14:20 - 2013-10-18 20:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-09-02 14:20 - 2013-10-12 20:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2015-09-02 14:20 - 2013-10-10 09:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2015-09-02 14:20 - 2013-10-10 09:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2015-09-02 14:20 - 2013-10-10 07:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2015-09-02 14:20 - 2013-10-10 07:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2015-09-02 14:20 - 2013-10-10 04:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-09-02 14:20 - 2013-10-07 23:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2015-09-02 14:20 - 2013-10-07 22:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2015-09-02 14:20 - 2013-10-07 22:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2015-09-02 14:20 - 2013-10-07 21:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2015-09-02 14:20 - 2013-10-07 21:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2015-09-02 14:20 - 2013-10-07 00:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-09-02 14:20 - 2013-10-05 08:25 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2015-09-02 14:20 - 2013-10-05 04:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2015-09-02 14:20 - 2013-10-05 04:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2015-09-02 14:20 - 2013-10-05 04:00 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2015-09-02 14:20 - 2013-10-05 02:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2015-09-02 14:20 - 2013-10-05 02:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2015-09-02 14:20 - 2013-10-05 01:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll 2015-09-02 14:20 - 2013-10-05 01:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll 2015-09-02 14:20 - 2013-10-05 01:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2015-09-02 14:20 - 2013-09-16 23:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-09-02 14:20 - 2013-09-16 21:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2015-09-02 14:20 - 2013-09-14 05:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2015-09-02 14:20 - 2013-09-14 03:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2015-09-02 14:20 - 2013-09-14 02:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2015-09-02 14:20 - 2013-09-13 01:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe 2015-09-02 14:20 - 2013-09-13 00:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe 2015-09-02 14:20 - 2013-09-12 01:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2015-09-02 14:20 - 2013-09-12 01:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2015-09-02 14:20 - 2013-09-12 01:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2015-09-02 14:20 - 2013-09-12 00:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2015-09-02 14:20 - 2013-09-12 00:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2015-09-02 14:20 - 2013-09-12 00:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2015-09-02 14:20 - 2013-09-12 00:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2015-09-02 14:20 - 2013-09-12 00:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2015-09-02 14:20 - 2013-09-09 21:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll 2015-09-02 14:19 - 2013-12-08 17:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2015-09-02 14:19 - 2013-12-08 17:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2015-09-02 14:19 - 2013-11-27 08:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2015-09-02 14:19 - 2013-11-27 08:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-09-02 14:19 - 2013-11-27 07:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-09-02 14:19 - 2013-11-27 06:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2015-09-02 14:19 - 2013-11-27 05:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys 2015-09-02 14:19 - 2013-11-27 03:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll 2015-09-02 14:19 - 2013-11-27 02:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll 2015-09-02 14:19 - 2013-11-27 02:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2015-09-02 14:19 - 2013-11-27 02:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2015-09-02 14:19 - 2013-11-27 02:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2015-09-02 14:19 - 2013-11-27 01:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2015-09-02 14:19 - 2013-11-27 01:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2015-09-02 14:19 - 2013-11-27 01:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2015-09-02 14:19 - 2013-11-26 06:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2015-09-02 14:19 - 2013-11-26 06:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2015-09-02 14:19 - 2013-11-26 04:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2015-09-02 14:19 - 2013-11-24 18:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2015-09-02 14:19 - 2013-11-24 18:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-09-02 14:19 - 2013-11-24 16:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2015-09-02 14:19 - 2013-11-24 16:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2015-09-02 14:19 - 2013-11-23 05:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2015-09-02 14:19 - 2013-11-23 00:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll 2015-09-02 14:19 - 2013-11-23 00:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys 2015-09-02 14:19 - 2013-11-23 00:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2015-09-02 14:19 - 2013-11-22 21:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2015-09-02 14:19 - 2013-11-22 20:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-02 14:19 - 2013-11-22 20:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-09-02 14:19 - 2013-11-20 23:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll 2015-09-02 14:19 - 2013-11-20 23:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-09-02 14:19 - 2013-11-15 07:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2015-09-02 14:19 - 2013-11-15 07:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2015-09-02 14:19 - 2013-11-15 07:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2015-09-02 14:19 - 2013-11-15 06:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-09-02 14:19 - 2013-10-30 17:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2015-09-02 14:19 - 2013-10-30 16:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2015-09-02 14:18 - 2013-11-08 23:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2015-09-02 14:18 - 2013-11-08 03:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2015-09-02 14:18 - 2013-11-07 21:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2015-09-02 14:18 - 2013-11-07 21:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2015-09-02 14:18 - 2013-11-07 20:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-09-02 14:18 - 2013-11-05 07:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2015-09-02 14:18 - 2013-11-05 06:17 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2015-09-02 14:18 - 2013-11-04 03:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-09-02 14:18 - 2013-10-31 23:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2015-09-02 14:18 - 2013-10-30 17:58 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2015-09-02 14:18 - 2013-10-30 17:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-09-02 14:18 - 2013-10-30 17:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-09-02 14:18 - 2013-10-30 17:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-09-02 14:18 - 2013-10-17 04:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-09-02 14:18 - 2013-10-17 03:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-09-02 14:18 - 2013-10-10 04:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2015-09-02 14:18 - 2013-10-10 04:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-09-02 14:18 - 2013-10-10 04:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2015-09-02 14:18 - 2013-10-10 04:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-09-02 14:18 - 2013-10-10 03:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-09-02 14:18 - 2013-10-10 03:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-09-02 14:17 - 2013-11-20 23:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2015-09-02 14:17 - 2013-11-10 19:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2015-09-02 14:17 - 2013-11-08 22:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2015-09-02 14:17 - 2013-11-07 21:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2015-09-02 14:17 - 2013-11-07 20:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-09-02 14:17 - 2013-11-04 06:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2015-09-02 14:17 - 2013-11-03 19:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2015-09-02 14:17 - 2013-11-01 04:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2015-09-02 14:17 - 2013-10-31 22:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2015-09-02 14:17 - 2013-10-25 18:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2015-09-02 14:17 - 2013-10-24 02:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2015-09-02 14:17 - 2013-10-24 02:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2015-09-02 14:16 - 2014-10-30 15:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2015-09-02 14:16 - 2014-10-30 15:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2015-09-02 14:16 - 2014-04-19 04:15 - 21186352 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-09-02 14:16 - 2014-04-18 23:49 - 18644072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-09-02 14:16 - 2014-01-31 09:15 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2015-09-02 14:16 - 2014-01-31 09:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-09-02 14:16 - 2014-01-31 09:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-09-02 14:16 - 2014-01-31 06:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-09-02 14:16 - 2014-01-31 02:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll 2015-09-02 14:16 - 2014-01-29 01:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2015-09-02 14:16 - 2014-01-29 01:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2015-09-02 14:16 - 2014-01-29 01:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2015-09-02 14:16 - 2014-01-29 01:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2015-09-02 14:16 - 2014-01-29 00:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2015-09-02 14:16 - 2014-01-29 00:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2015-09-02 14:16 - 2014-01-29 00:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2015-09-02 14:16 - 2014-01-28 23:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2015-09-02 14:16 - 2014-01-28 17:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2015-09-02 14:16 - 2014-01-27 12:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2015-09-02 14:16 - 2014-01-27 12:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2015-09-02 14:16 - 2014-01-27 12:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2015-09-02 14:16 - 2014-01-27 11:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2015-09-02 14:16 - 2014-01-27 11:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2015-09-02 14:16 - 2014-01-27 11:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2015-09-02 14:16 - 2014-01-27 11:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2015-09-02 14:16 - 2014-01-27 10:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2015-09-02 14:16 - 2014-01-27 10:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2015-09-02 14:16 - 2014-01-27 10:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2015-09-02 14:16 - 2014-01-27 08:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2015-09-02 14:16 - 2014-01-27 08:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2015-09-02 14:16 - 2014-01-27 04:45 - 00386722 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-09-02 14:16 - 2014-01-17 16:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2015-09-02 14:16 - 2014-01-17 14:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-09-02 14:16 - 2014-01-06 22:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2015-09-02 14:16 - 2014-01-06 21:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2015-09-02 14:16 - 2013-12-21 07:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2015-09-02 14:16 - 2013-12-21 01:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll 2015-09-02 14:16 - 2013-11-27 08:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2015-09-02 14:16 - 2013-11-27 04:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2015-09-02 14:16 - 2013-11-27 01:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-09-02 14:16 - 2013-11-27 01:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-09-02 14:16 - 2013-11-27 01:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2015-09-02 14:16 - 2013-11-27 01:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2015-09-02 14:16 - 2013-11-20 22:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2015-09-02 14:16 - 2013-10-19 01:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2015-09-02 14:16 - 2013-10-19 00:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2015-09-02 14:16 - 2013-10-16 08:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2015-09-02 14:16 - 2013-10-16 06:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2015-09-02 14:15 - 2014-03-10 03:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-09-02 14:15 - 2014-03-10 03:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2015-09-02 14:15 - 2014-03-06 02:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2015-09-02 14:15 - 2014-03-06 02:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2015-09-02 14:15 - 2014-03-05 23:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2015-09-02 14:15 - 2014-03-05 23:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2015-09-02 14:15 - 2014-02-10 20:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-09-02 14:15 - 2014-02-10 19:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2015-09-02 14:15 - 2014-02-10 19:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2015-09-02 14:15 - 2014-01-07 00:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2015-09-02 14:15 - 2014-01-06 22:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2015-09-02 14:15 - 2013-12-08 17:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-09-02 14:15 - 2013-12-08 17:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll 2015-09-02 14:15 - 2013-12-08 16:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll 2015-09-02 14:15 - 2013-12-08 16:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-09-02 14:15 - 2013-11-22 21:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2015-09-02 14:15 - 2013-11-22 21:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2015-09-02 14:15 - 2013-10-15 01:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2015-09-02 14:15 - 2013-10-15 01:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2015-09-02 14:15 - 2013-10-12 19:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2015-09-02 14:15 - 2013-10-12 14:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2015-09-02 14:15 - 2013-10-12 14:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2015-09-02 14:15 - 2013-10-05 07:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-09-02 14:15 - 2013-10-05 01:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-09-02 14:14 - 2014-01-04 13:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2015-09-02 14:14 - 2014-01-04 12:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2015-09-02 14:14 - 2014-01-04 07:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-09-02 14:14 - 2014-01-04 07:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-09-02 14:14 - 2014-01-04 07:03 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2015-09-02 14:14 - 2014-01-04 06:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-09-02 14:14 - 2014-01-04 06:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2015-09-02 14:14 - 2014-01-04 06:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2015-09-02 14:14 - 2014-01-04 06:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2015-09-02 14:14 - 2014-01-04 06:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2015-09-02 14:14 - 2013-12-20 19:10 - 00009701 _____ C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms 2015-09-02 14:14 - 2013-12-20 19:10 - 00009701 _____ C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms 2015-09-02 14:14 - 2013-12-08 17:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2015-09-02 14:14 - 2013-11-08 23:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2015-09-02 14:14 - 2013-11-08 23:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2015-09-02 14:14 - 2013-11-08 22:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2015-09-02 14:11 - 2015-07-05 03:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2015-09-02 04:20 - 2015-09-02 17:38 - 00000000 ____D C:\Users\Américo\AppData\Local\CrashDumps 2015-09-02 04:18 - 2015-09-02 04:20 - 00000000 ____D C:\Users\Américo\Desktop\Untitled 2015-09-02 04:18 - 2015-09-02 04:18 - 00000000 ____D C:\Users\Américo\Documents\Camtasia Studio 2015-09-02 04:18 - 2015-09-02 04:18 - 00000000 ____D C:\Users\Américo\AppData\Roaming\TechSmith 2015-09-02 04:17 - 2015-09-02 04:17 - 00000000 ____D C:\Users\Américo\AppData\Local\TechSmith 2015-09-02 02:14 - 2015-09-03 05:10 - 00024064 ___SH C:\Users\Américo\Downloads\Thumbs.db 2015-09-02 00:41 - 2015-09-02 00:41 - 00000000 ____D C:\Users\Américo\Desktop\Pics 2015-09-02 00:33 - 2015-09-02 00:44 - 00000000 ____D C:\Users\Américo\AppData\Roaming\Gyazo 2015-09-02 00:31 - 2015-09-02 18:10 - 00000000 ____D C:\Program Files (x86)\Gyazo 2015-09-02 00:31 - 2015-09-02 00:31 - 00003410 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily 2015-09-02 00:31 - 2015-09-02 00:31 - 00003284 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine 2015-09-02 00:31 - 2015-09-02 00:31 - 00001005 _____ C:\Users\Public\Desktop\Gyazo.lnk 2015-09-02 00:31 - 2015-09-02 00:31 - 00001005 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk 2015-09-02 00:31 - 2015-09-02 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo 2015-09-02 00:30 - 2015-09-02 00:30 - 09986504 _____ (Nota Inc. ) C:\Users\Américo\Downloads\Gyazo-3.1.6.exe 2015-09-01 21:36 - 2015-09-01 21:36 - 00679936 _____ C:\Users\Américo\Downloads\Detection.msi 2015-09-01 19:12 - 2015-09-01 19:12 - 00001195 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk 2015-09-01 19:12 - 2015-09-01 19:12 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith 2015-09-01 19:12 - 2015-09-01 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith 2015-09-01 19:12 - 2015-09-01 19:12 - 00000000 ____D C:\Program Files (x86)\QuickTime 2015-09-01 19:11 - 2015-09-01 19:11 - 00000000 ____D C:\ProgramData\TechSmith 2015-09-01 19:11 - 2015-09-01 19:11 - 00000000 ____D C:\Program Files (x86)\TechSmith 2015-09-01 18:11 - 2015-09-01 18:14 - 259967288 _____ C:\Users\Américo\Downloads\camtasia.exe 2015-09-01 17:51 - 2015-09-05 04:34 - 00000000 ____D C:\Users\Américo\Documents\ShareX 2015-09-01 17:50 - 2015-09-05 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX 2015-09-01 17:50 - 2015-09-05 23:50 - 00000000 ____D C:\Program Files\ShareX 2015-09-01 17:50 - 2015-09-01 17:50 - 05141063 _____ (ShareX Developers ) C:\Users\Américo\Downloads\ShareX-10.1.0-setup.exe 2015-09-01 17:50 - 2015-09-01 17:50 - 00000807 _____ C:\Users\Américo\Desktop\ShareX.lnk 2015-09-01 15:13 - 2015-09-01 15:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2015-09-01 05:16 - 2015-09-01 05:16 - 00000000 ____D C:\Users\Américo\AppData\Roaming\WinAuth 2015-09-01 05:11 - 2014-08-29 22:59 - 03900928 _____ C:\Users\Américo\Desktop\WinAuth.exe 2015-09-01 05:10 - 2015-09-01 05:10 - 01502629 _____ C:\Users\Américo\Downloads\WinAuth-3.1.8.zip 2015-09-01 05:09 - 2015-09-02 04:11 - 00000000 ____D C:\Users\Américo\Desktop\AHK 2015-08-31 22:30 - 2015-08-31 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2015-08-31 22:29 - 2015-08-31 22:30 - 00000000 ____D C:\Program Files\AutoHotkey 2015-08-31 22:29 - 2015-08-31 22:29 - 02863129 _____ C:\Users\Américo\Downloads\AutoHotkey112204_Install.exe 2015-08-31 22:28 - 2015-09-07 11:34 - 00000024 _____ C:\Users\Américo\random.dat 2015-08-31 22:28 - 2015-09-07 02:43 - 00000047 _____ C:\Users\Américo\jagex_cl_oldschool_LIVE.dat 2015-08-31 22:28 - 2015-09-05 01:23 - 00000000 ____D C:\Users\Américo\jagexcache 2015-08-31 22:27 - 2015-09-01 05:15 - 00000000 ____D C:\Users\Américo\RuneLoader 2015-08-31 22:27 - 2015-08-31 22:27 - 02620903 _____ C:\Users\Américo\Downloads\v2-RC-Launcher.jar 2015-08-31 22:26 - 2015-08-31 22:26 - 00000000 ____D C:\Users\Américo\Tracing 2015-08-31 22:23 - 2015-09-05 21:59 - 00000000 ____D C:\Users\Américo\AppData\Local\RA4W_VPN 2015-08-31 22:23 - 2015-08-31 22:23 - 01958504 _____ C:\Users\Américo\Downloads\winrar-x64-53b3.exe 2015-08-31 22:23 - 2015-08-31 22:23 - 00000000 ____D C:\Users\Américo\AppData\Roaming\WinRAR 2015-08-31 22:23 - 2015-08-31 22:23 - 00000000 ____D C:\Users\Américo\AppData\Roaming\Sun 2015-08-31 22:23 - 2015-08-31 22:23 - 00000000 ____D C:\Users\Américo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-31 22:23 - 2015-08-31 22:23 - 00000000 ____D C:\Users\Américo\.oracle_jre_usage 2015-08-31 22:23 - 2015-08-31 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-31 22:23 - 2015-08-31 22:23 - 00000000 ____D C:\Program Files\WinRAR 2015-08-31 22:22 - 2015-08-31 22:22 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-08-31 22:22 - 2015-08-31 22:22 - 00000000 ____D C:\Users\Américo\AppData\Local\Skype 2015-08-31 22:22 - 2015-08-31 22:22 - 00000000 ____D C:\ProgramData\Oracle 2015-08-31 22:22 - 2015-08-31 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-31 22:21 - 2015-09-07 13:06 - 00000000 ____D C:\Users\Américo\AppData\Roaming\Skype 2015-08-31 22:21 - 2015-08-31 22:21 - 02164324 _____ C:\Users\Américo\Downloads\RA4WVPN Client.zip 2015-08-31 22:21 - 2015-08-31 22:21 - 00090408 _____ () C:\Users\Américo\Downloads\ScreenMarker.exe 2015-08-31 22:21 - 2015-08-31 22:21 - 00061440 _____ (Gary's Hood) C:\Users\Américo\Downloads\rsclient.exe 2015-08-31 22:21 - 2015-08-31 22:21 - 00004286 _____ C:\Users\Américo\Downloads\Tiny.cur 2015-08-31 22:21 - 2015-08-31 22:21 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk 2015-08-31 22:21 - 2015-08-31 22:21 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-08-31 22:21 - 2015-08-31 22:21 - 00000000 ____D C:\ProgramData\Skype 2015-08-31 22:21 - 2015-08-31 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-08-31 22:21 - 2015-08-31 22:21 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-31 22:20 - 2015-08-31 22:20 - 01201664 _____ C:\Users\Américo\Downloads\Novo AutoHotkey Script.exe 2015-08-31 22:20 - 2015-08-31 22:20 - 00584288 _____ (Oracle Corporation) C:\Users\Américo\Downloads\chromeinstall-8u60.exe 2015-08-31 22:20 - 2015-08-31 22:20 - 00024064 _____ C:\Users\Américo\Downloads\_Thumbs.db 2015-08-31 22:20 - 2015-08-31 22:20 - 00004286 _____ C:\Users\Américo\Downloads\aero_arrow.cur 2015-08-31 22:20 - 2015-08-31 22:20 - 00000940 _____ C:\Users\Américo\Downloads\Firewall Block Resolver.bat 2015-08-31 22:20 - 2015-08-31 22:20 - 00000515 _____ C:\Users\Américo\Downloads\Accounts (1).txt 2015-08-31 22:19 - 2015-08-31 22:20 - 01385504 _____ (Skype Technologies S.A.) C:\Users\Américo\Downloads\SkypeSetup.exe 2015-08-31 22:16 - 2015-08-31 22:16 - 00001338 _____ C:\Users\Américo\Downloads\TeamSpeak.txt 2015-08-31 22:16 - 2015-08-31 22:16 - 00001082 _____ C:\Users\Américo\Downloads\NMZ - Copy.ahk 2015-08-31 22:16 - 2015-08-31 22:16 - 00000350 _____ C:\Users\Américo\Downloads\Threads.txt 2015-08-31 22:16 - 2015-08-31 22:16 - 00000292 _____ C:\Users\Américo\Downloads\Novo AutoHotkey Script (2).ahk 2015-08-31 22:15 - 2015-09-01 19:13 - 00000573 _____ C:\Users\Américo\Downloads\Accounts.txt 2015-08-31 22:15 - 2015-08-31 22:15 - 31579146 _____ (NewBlue, Inc ) C:\Users\Américo\Downloads\NewBluePluginsBundlePatch121206.exe 2015-08-31 22:15 - 2015-08-31 22:15 - 30289368 _____ (NewBlue, Inc ) C:\Users\Américo\Downloads\NewBluePluginsBundlePatch121206(32-bit).exe 2015-08-31 22:15 - 2015-08-31 22:15 - 00003101 _____ C:\Users\Américo\Downloads\Readme_Installer.txt 2015-08-31 22:15 - 2015-08-31 22:15 - 00003008 _____ C:\Users\Américo\Downloads\Readme_Installer (1).txt 2015-08-31 22:15 - 2015-08-31 22:15 - 00002989 _____ C:\Users\Américo\Downloads\VR.nfo 2015-08-31 22:15 - 2015-08-31 22:15 - 00002989 _____ C:\Users\Américo\Downloads\VR (1).nfo 2015-08-31 22:15 - 2015-08-31 22:15 - 00000856 _____ C:\Users\Américo\Downloads\Imagens - Atalho.download 2015-08-31 22:15 - 2015-08-31 22:15 - 00000758 _____ C:\Users\Américo\Downloads\Bitchain.txt 2015-08-31 22:15 - 2015-08-31 22:15 - 00000506 _____ C:\Users\Américo\Downloads\Playlists.txt 2015-08-31 22:15 - 2015-08-31 22:15 - 00000106 _____ C:\Users\Américo\Downloads\How to get your Ikov PIN unlocked.txt 2015-08-31 22:15 - 2015-08-31 22:15 - 00000083 _____ C:\Users\Américo\Downloads\livros.txt 2015-08-31 22:15 - 2015-08-31 22:15 - 00000034 _____ C:\Users\Américo\Downloads\Emails.txt 2015-08-31 22:11 - 2015-09-03 19:17 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-31 22:11 - 2015-08-31 22:11 - 00000000 ____D C:\Users\Américo\AppData\Roaming\KoshyJohn.com 2015-08-31 22:11 - 2015-08-31 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com 2015-08-31 22:11 - 2015-08-31 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-08-31 22:10 - 2015-09-07 12:15 - 00001022 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-31 22:10 - 2015-09-06 22:15 - 00001018 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-31 22:10 - 2015-08-31 22:11 - 00000000 ____D C:\Users\Américo\AppData\Local\Google 2015-08-31 22:10 - 2015-08-31 22:11 - 00000000 ____D C:\Program Files (x86)\Google 2015-08-31 22:10 - 2015-08-31 22:10 - 00003994 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-31 22:10 - 2015-08-31 22:10 - 00003758 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-31 22:09 - 2015-09-07 12:45 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2B6109E4-A47F-4FFD-B86B-7E8F97CA77A5} 2015-08-31 22:09 - 2015-08-31 22:10 - 00000000 ____D C:\Users\Américo\AppData\Local\Deployment 2015-08-31 22:09 - 2015-08-31 22:09 - 00000000 ____D C:\Users\Américo\AppData\Roaming\Macromedia 2015-08-31 22:09 - 2015-08-31 22:09 - 00000000 ____D C:\Users\Américo\AppData\Local\Apps\2.0 2015-08-31 21:09 - 2015-08-31 21:09 - 00000000 ____D C:\ProgramData\ToshibaEurope 2015-08-31 21:08 - 2015-09-05 23:27 - 00000000 __RDO C:\Users\Américo\SkyDrive 2015-08-31 21:05 - 2015-09-07 12:23 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3592306595-23714473-1056629956-1001 2015-08-31 21:01 - 2015-08-31 21:05 - 00000000 ____D C:\Users\Américo\AppData\Local\PackageStaging 2015-08-31 21:01 - 2015-08-31 21:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2015-08-31 21:01 - 2015-08-31 21:01 - 00000000 ____D C:\Users\Américo\AppData\Local\TOSHIBA 2015-08-31 20:58 - 2015-09-03 12:15 - 00000000 ____D C:\Users\Américo\AppData\Local\Packages 2015-08-31 20:58 - 2015-08-31 20:58 - 00001445 _____ C:\Users\Américo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-31 20:58 - 2015-08-31 20:58 - 00000000 ____D C:\Users\Américo\AppData\Roaming\Adobe 2015-08-31 20:58 - 2015-08-31 20:58 - 00000000 ____D C:\Users\Américo\AppData\Local\VirtualStore 2015-08-31 20:55 - 2015-09-07 11:39 - 00000000 ____D C:\Users\Américo 2015-08-31 20:55 - 2015-08-31 20:55 - 00000020 ___SH C:\Users\Américo\ntuser.ini 2015-08-31 20:55 - 2015-08-31 20:55 - 00000000 _SHDL C:\Users\Américo\Os Meus Documentos 2015-08-31 20:55 - 2015-08-31 20:55 - 00000000 _SHDL C:\Users\Américo\Modelos 2015-08-31 20:55 - 2015-08-31 20:55 - 00000000 _SHDL C:\Users\Américo\Menu Iniciar 2015-08-31 20:55 - 2015-08-31 20:55 - 00000000 _SHDL C:\Users\Américo\Documents\Os Meus Vídeos 2015-08-31 20:55 - 2015-08-31 20:55 - 00000000 _SHDL C:\Users\Américo\Documents\As Minhas Imagens 2015-08-31 20:55 - 2015-08-31 20:55 - 00000000 _SHDL C:\Users\Américo\Documents\A Minha Música 2015-08-31 20:55 - 2015-08-31 20:55 - 00000000 _SHDL C:\Users\Américo\Definições Locais 2015-08-31 20:55 - 2015-08-31 20:55 - 00000000 _SHDL C:\Users\Américo\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2015-08-31 20:55 - 2015-08-31 20:55 - 00000000 _SHDL C:\Users\Américo\AppData\Local\Histórico 2015-08-31 20:55 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Américo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-31 20:55 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Américo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-31 20:55 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Américo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-08-31 20:55 - 2013-08-22 08:36 - 00000000 ____D C:\Users\Américo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-08-31 19:40 - 2015-08-31 20:40 - 00000000 _____ C:\Recovery.txt ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-07 13:00 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-09-07 12:16 - 2013-10-07 18:10 - 01402396 _____ C:\WINDOWS\WindowsUpdate.log 2015-09-06 20:28 - 2013-08-22 08:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-09-06 09:05 - 2013-08-22 07:46 - 00015810 _____ C:\WINDOWS\setupact.log 2015-09-05 22:49 - 2013-09-16 14:18 - 01816356 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-09-05 22:49 - 2013-08-28 08:57 - 00788756 _____ C:\WINDOWS\system32\prfh0816.dat 2015-09-05 22:49 - 2013-08-28 08:57 - 00163828 _____ C:\WINDOWS\system32\prfc0816.dat 2015-09-05 22:44 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-09-05 18:35 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\rescache 2015-09-05 18:23 - 2013-10-07 18:42 - 00000000 ____D C:\ProgramData\McAfee 2015-09-05 18:23 - 2013-10-07 18:42 - 00000000 ____D C:\Program Files\Common Files\mcafee 2015-09-05 18:23 - 2013-10-07 18:42 - 00000000 ____D C:\Program Files (x86)\McAfee 2015-09-05 18:23 - 2013-09-16 23:05 - 00001320 _____ C:\WINDOWS\PFRO.log 2015-09-05 18:23 - 2013-08-22 07:44 - 00336664 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-05 18:22 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-09-05 18:20 - 2013-08-28 08:39 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-09-05 18:20 - 2013-08-22 12:11 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-05 18:20 - 2013-08-22 12:09 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2015-09-05 18:20 - 2013-08-22 12:09 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2015-09-05 18:20 - 2013-08-22 12:09 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2015-09-05 18:20 - 2013-08-22 12:09 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2015-09-05 18:20 - 2013-08-22 12:09 - 00000000 ____D C:\WINDOWS\system32\winrm 2015-09-05 18:20 - 2013-08-22 12:09 - 00000000 ____D C:\WINDOWS\system32\WCN 2015-09-05 18:20 - 2013-08-22 12:09 - 00000000 ____D C:\WINDOWS\system32\slmgr 2015-09-05 18:20 - 2013-08-22 12:09 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\WinStore 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Com 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\tr-TR 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\migwiz 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Com 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\IME 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\Help 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files\Windows Defender 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files\Common Files\System 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2015-09-05 18:20 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-09-05 18:20 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-09-05 18:20 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-09-05 18:20 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-09-05 18:20 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-09-05 18:20 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-09-05 18:20 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\servicing 2015-09-05 18:19 - 2013-08-22 08:36 - 00000000 ___SD C:\WINDOWS\system32\dsc 2015-09-05 18:19 - 2013-08-22 08:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-09-05 18:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\MediaViewer 2015-09-05 18:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\FileManager 2015-09-05 18:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\Camera 2015-09-05 18:18 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2015-09-05 18:18 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-09-03 12:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-09-02 14:25 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-09-01 19:09 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\restore 2015-09-01 04:56 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-08-31 22:29 - 2013-08-22 12:11 - 00000000 ____D C:\WINDOWS\ShellNew 2015-08-31 21:10 - 2013-09-16 14:20 - 00000000 ____D C:\ProgramData\Toshiba 2015-08-31 21:03 - 2013-10-07 18:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\TOSHIBA 2015-08-31 20:40 - 2013-09-17 15:53 - 00000000 ____D C:\WINDOWS\Panther 2015-08-31 19:40 - 2013-09-16 23:10 - 00000000 __SHD C:\Recovery 2015-08-31 19:40 - 2013-08-22 08:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template 2015-08-31 19:40 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Recovery Some files in TEMP: ==================== C:\Users\Américo\AppData\Local\Temp\ShareX-10.2.0-setup.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed