Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016 01
Ran by Dell (administrator) on WINDOWS-P2SG413 (24-11-2016 12:01:38)
Running from C:\Users\Dell\Desktop
Loaded Profiles: Dell (Available Profiles: Dell)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\ZTEMT UI\bin\MonServiceUDisk.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(© 2015 Microsoft Corporation) C:\Users\Dell\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Users\Dell\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
(The CefSharp Authors) C:\Users\Dell\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(The CefSharp Authors) C:\Users\Dell\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-10] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-16] (Dell Inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1654160 2016-06-24] (Bitdefender)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296056 2015-09-11] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2699064319-4166293819-890525629-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3903056 2015-05-27] (Tonec Inc.)
HKU\S-1-5-21-2699064319-4166293819-890525629-1001\...\Run: [BingSvc] => C:\Users\Dell\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2699064319-4166293819-890525629-1001\...\Run: [Google Update] => C:\Users\Dell\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2016-07-19] (Google Inc.)
HKU\S-1-5-21-2699064319-4166293819-890525629-1001\...\MountPoints2: {7d939164-9a78-11e6-8299-303a645e6aa4} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2699064319-4166293819-890525629-1001\...\MountPoints2: {7d93916a-9a78-11e6-8299-303a645e6aa4} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2699064319-4166293819-890525629-1001\...\MountPoints2: {a28a6188-5897-11e5-8255-303a645e6aa4} - "D:\Setup.exe" /Auto
HKU\S-1-5-21-2699064319-4166293819-890525629-1001\...\MountPoints2: {c073117d-82ce-11e6-827b-303a645e6aa4} - "D:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2015-09-11]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacebookGamesNotifier.exe.lnk [2016-08-09]
ShortcutTarget: FacebookGamesNotifier.exe.lnk -> C:\Users\Dell\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{A5AC2C5A-A9B8-4BF2-9729-4B1CAF6AF148}: [DhcpNameServer] 192.168.15.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2699064319-4166293819-890525629-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2699064319-4166293819-890525629-1001 -> DefaultScope {1A95DC8F-4A6D-4938-B715-50B59B516306} URL =
SearchScopes: HKU\S-1-5-21-2699064319-4166293819-890525629-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-05-20] (Internet Download Manager, Tonec Inc.)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-06-16] (Bitdefender)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-05-20] (Internet Download Manager, Tonec Inc.)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-06-16] (Bitdefender)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2015-09-11] (RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-11] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-11] (Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-06-16] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-06-16] (Bitdefender)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2016-10-07]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-10-07] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2015-09-11] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF HKU\S-1-5-21-2699064319-4166293819-890525629-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Dell\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Dell\AppData\Roaming\IDM\idmmzcc5 [2016-11-24] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-09-11] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2015-09-11] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2015-09-11] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2015-09-11] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-09-11] (RealPlayer)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin HKU\S-1-5-21-2699064319-4166293819-890525629-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Dell\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-2699064319-4166293819-890525629-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Dell\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default [2016-11-24]
CHR Extension: (Google Docs) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-18]
CHR Extension: (Google Drive) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-18]
CHR Extension: (YouTube) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-18]
CHR Extension: (Google Search) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-11]
CHR Extension: (Bitdefender Wallet) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhejlifdlcgcmogbggeomfodgklfaem [2016-11-21]
CHR Extension: (Google Docs Offline) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-20]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2015-09-11]
CHR Extension: (IDM Integration Module) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-11-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-18]
CHR Extension: (Gmail) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-05-20]
CHR HKU\S-1-5-21-2699064319-4166293819-890525629-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2015-09-11]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-05-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-07] (CyberLink)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-11] (Dell Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-18] (Intel Corporation)
R2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2010-06-16] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
R2 UDisk Monitor; C:\Program Files\ZTEMT UI\bin\MonServiceUDisk.exe [403456 2010-05-11] () [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-06-16] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-06-24] (Bitdefender)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdiommu; C:\windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 avc3; C:\windows\System32\DRIVERS\avc3.sys [1605376 2016-11-21] (BitDefender)
R3 avckf; C:\windows\System32\DRIVERS\avckf.sys [878072 2016-11-21] (BitDefender)
S0 bdelam; C:\windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2013-07-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [32464 2016-01-05] (Dell Computer Corporation)
R3 DellProf; C:\windows\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation)
R3 DellRbtn; C:\windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 gzflt; C:\windows\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-19] (Intel Corporation)
R0 ignis; C:\windows\system32\DRIVERS\ignis.sys [299816 2016-06-16] (Bitdefender)
R3 MEIx64; C:\windows\System32\drivers\TeeDriverx64.sys [100824 2013-12-18] (Intel Corporation)
R3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-04-09] (Synaptics Incorporated)
R0 trufos; C:\windows\System32\DRIVERS\trufos.sys [520032 2016-03-10] (BitDefender S.R.L.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 wdm_usb; C:\windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 ztemtusbser; C:\windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys [120704 2010-06-07] (ZTEMT Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-24 12:01 - 2016-11-24 12:02 - 00024733 _____ C:\Users\Dell\Desktop\FRST.txt
2016-11-24 12:01 - 2016-11-24 12:01 - 00000000 ____D C:\FRST
2016-11-24 09:59 - 2016-11-24 09:59 - 00000789 _____ C:\bdlog.txt
2016-11-23 17:56 - 2016-11-23 17:56 - 00000000 ____D C:\Users\Dell\AppData\LocalLow\uTorrent
2016-11-22 21:39 - 2016-11-22 21:39 - 02412544 _____ (Farbar) C:\Users\Dell\Desktop\FRST64.exe
2016-11-22 21:37 - 2016-11-22 21:37 - 00000000 ____D C:\UsbFix
2016-11-22 21:35 - 2016-11-22 21:37 - 03809727 _____ (SOSVirus) C:\Users\Dell\Downloads\UsbFix_9.005.exe
2016-11-22 14:32 - 2016-11-22 14:32 - 00000385 _____ C:\Users\Dell\AppData\Roaminguser_gensett.xml
2016-11-22 01:18 - 2016-11-22 01:18 - 00048439 _____ C:\Users\Dell\Downloads\imperium_HI_english-1428065.zip
2016-11-22 01:17 - 2016-11-22 01:17 - 00049889 _____ C:\Users\Dell\Downloads\fourth-man-out_HI_english-1438417.zip
2016-11-21 22:53 - 2016-11-24 10:01 - 00065536 _____ C:\windows\system32\Ikeext.etl
2016-11-21 22:53 - 2016-11-21 22:53 - 00000385 _____ C:\windows\system32\user_gensett.xml
2016-11-21 22:52 - 2016-11-21 22:52 - 00809744 _____ C:\ProgramData\1479760369.bdinstall.bin
2016-11-21 22:51 - 2016-11-21 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2016-11-21 22:50 - 2016-11-21 23:07 - 00878072 _____ (BitDefender) C:\windows\system32\Drivers\avckf.sys
2016-11-21 22:50 - 2016-11-21 23:06 - 01605376 _____ (BitDefender) C:\windows\system32\Drivers\avc3.sys
2016-11-21 22:50 - 2016-11-21 22:50 - 00000000 ____D C:\ProgramData\BDLogging
2016-11-21 22:50 - 2016-06-16 16:45 - 00299816 _____ (Bitdefender) C:\windows\system32\Drivers\ignis.sys
2016-11-21 22:50 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\windows\system32\Drivers\bdvedisk.sys
2016-11-21 22:50 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\windows\system32\Drivers\bdelam.sys
2016-11-21 22:50 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\windows\capicom.dll
2016-11-21 22:36 - 2016-11-21 22:36 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Bitdefender
2016-11-21 22:33 - 2016-11-21 23:09 - 00000000 ____D C:\ProgramData\Bitdefender
2016-11-21 22:33 - 2016-11-21 22:33 - 00000000 ____D C:\Program Files\Bitdefender
2016-11-21 22:33 - 2016-03-10 06:41 - 00520032 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\trufos.sys
2016-11-21 22:33 - 2015-12-16 04:53 - 00182936 _____ (BitDefender LLC) C:\windows\system32\Drivers\gzflt.sys
2016-11-21 22:32 - 2016-11-21 22:33 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-11-21 22:32 - 2016-11-21 22:32 - 00000000 ____D C:\Users\Dell\AppData\Roaming\QuickScan
2016-11-21 20:56 - 2016-11-21 20:56 - 00003640 _____ C:\windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-11-21 20:53 - 2016-11-24 10:05 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-11-21 20:53 - 2016-11-21 20:53 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-11-21 20:51 - 2016-11-21 20:53 - 11842648 _____ C:\Users\Dell\Downloads\bitdefender_windows_ae4e4599-e38b-4081-8bfc-0e2dc6171565.exe
2016-11-21 19:52 - 2016-11-24 11:36 - 00000000 ____D C:\Users\Dell\AppData\Roaming\DMCache
2016-11-17 22:48 - 2016-11-23 08:58 - 00000000 ___HD C:\Users\Dell\AppData\Roaming\ssxkke
2016-11-08 18:40 - 2016-11-08 18:40 - 00000000 __SHD C:\Users\Dell\AppData\LocalLow\EmieUserList
2016-11-01 20:04 - 2016-11-01 20:04 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2016-11-01 20:04 - 2016-11-01 20:04 - 00000000 ____D C:\Program Files\Dell Support Center
2016-10-26 04:02 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\windows\system32\GeofenceMonitorService.dll
2016-10-26 04:02 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\GeofenceMonitorService.dll
2016-10-26 04:01 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\windows\system32\photowiz.dll
2016-10-26 04:01 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\windows\SysWOW64\photowiz.dll
2016-10-26 04:00 - 2016-01-09 03:49 - 00218448 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2016-10-26 04:00 - 2016-01-09 03:49 - 00192120 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2016-10-26 03:55 - 2015-11-19 16:33 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2016-10-26 03:55 - 2015-11-19 16:26 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-10-26 03:55 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-10-26 03:54 - 2015-09-29 14:24 - 00155480 ____C (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2016-10-26 03:54 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\windows\system32\calc.exe
2016-10-26 03:54 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\windows\SysWOW64\calc.exe
2016-10-26 03:43 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Input.Inking.dll
2016-10-26 03:43 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Input.Inking.dll
2016-10-26 03:36 - 2014-11-10 04:29 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupStatusProvider.dll
2016-10-26 03:36 - 2014-11-10 03:51 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceSetupStatusProvider.dll
2016-10-26 03:35 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ahcache.sys
2016-10-26 03:34 - 2015-09-04 21:24 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tunnel.sys
2016-10-26 03:33 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\WiFiDisplay.dll
2016-10-26 03:27 - 2016-01-22 10:03 - 00419168 ____C (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2016-10-26 03:27 - 2016-01-22 07:27 - 01335296 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2016-10-26 03:27 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2016-10-26 03:27 - 2016-01-22 07:13 - 01063424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2016-10-26 03:27 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2016-10-26 03:27 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2016-10-26 03:27 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2016-10-26 03:27 - 2014-10-29 03:27 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\smphost.dll
2016-10-26 03:27 - 2014-10-29 03:21 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\delegatorprovider.dll
2016-10-26 03:27 - 2014-10-29 03:21 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\storagewmi_passthru.dll
2016-10-26 03:27 - 2014-10-29 03:04 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\smphost.dll
2016-10-26 03:27 - 2014-10-29 03:00 - 00020480 _____ (Microsoft Corporation) C:\windows\SysWOW64\delegatorprovider.dll
2016-10-26 03:27 - 2014-10-29 03:00 - 00019968 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi_passthru.dll
2016-10-26 03:16 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2016-10-26 03:16 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2016-10-26 03:16 - 2014-10-29 04:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\WorkFolders.exe
2016-10-26 03:16 - 2014-10-29 03:50 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\WorkFoldersShell.dll
2016-10-26 03:08 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2016-10-26 03:08 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2016-10-26 02:59 - 2016-01-09 03:38 - 00091992 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2016-10-26 02:34 - 2015-08-29 00:20 - 00183368 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2016-10-26 02:34 - 2014-10-29 03:21 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\AuthHostProxy.dll
2016-10-26 02:34 - 2014-10-29 02:40 - 00133120 _____ (Microsoft Corporation) C:\windows\system32\AuthBroker.dll
2016-10-26 02:34 - 2014-10-29 02:34 - 00104448 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthBroker.dll
2016-10-26 02:14 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\PhotoMetadataHandler.dll
2016-10-26 02:14 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\PhotoMetadataHandler.dll
2016-10-26 02:12 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\windows\system32\Drivers\kbdclass.sys
2016-10-26 02:12 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\windows\system32\Drivers\mouclass.sys
2016-10-26 02:12 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\windows\system32\Drivers\sermouse.sys
2016-10-26 02:12 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\windows\system32\Drivers\i8042prt.sys
2016-10-26 02:12 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys
2016-10-26 02:12 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys
2016-10-26 02:05 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\windows\system32\mrt_map.dll
2016-10-26 02:05 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\windows\system32\mrt100.dll
2016-10-26 02:05 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mrt_map.dll
2016-10-26 02:05 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mrt100.dll
2016-10-26 01:46 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2016-10-26 01:41 - 2015-10-03 21:41 - 01385280 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-10-26 01:41 - 2015-10-03 21:41 - 01124384 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2016-10-26 01:26 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\windows\system32\hhctrl.ocx
2016-10-26 01:26 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\windows\SysWOW64\hhctrl.ocx
2016-10-26 01:26 - 2014-10-29 04:43 - 00017408 _____ (Microsoft Corporation) C:\windows\hh.exe
2016-10-26 01:26 - 2014-10-29 04:19 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\hhsetup.dll
2016-10-26 01:26 - 2014-10-29 03:58 - 00015872 _____ (Microsoft Corporation) C:\windows\SysWOW64\hh.exe
2016-10-26 01:26 - 2014-10-29 03:40 - 00045568 _____ (Microsoft Corporation) C:\windows\SysWOW64\hhsetup.dll
2016-10-26 01:19 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vpci.sys
2016-10-26 01:18 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-10-26 01:12 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\rgb9rast.dll
2016-10-26 01:12 - 2014-10-29 04:34 - 00189440 _____ (Microsoft Corporation) C:\windows\system32\rgb9rast.dll
2016-10-26 00:58 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\windows\system32\WindowsAnytimeUpgradeui.exe
2016-10-26 00:48 - 2015-12-30 22:49 - 00470360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2016-10-26 00:48 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2016-10-26 00:41 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
2016-10-26 00:01 - 2016-01-07 01:46 - 00148752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2016-10-26 00:01 - 2016-01-07 01:45 - 00177712 _____ (Microsoft Corporation) C:\windows\system32\wscapi.dll
2016-10-26 00:01 - 2016-01-06 18:47 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2016-10-26 00:01 - 2014-10-29 04:40 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\wscproxystub.dll
2016-10-26 00:01 - 2014-10-29 04:35 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\wscisvif.dll
2016-10-26 00:01 - 2014-10-29 03:56 - 00011264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscproxystub.dll
2016-10-26 00:01 - 2014-10-29 03:52 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscisvif.dll
2016-10-25 22:49 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2016-10-25 22:49 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2016-10-25 21:41 - 2015-11-21 18:59 - 01706496 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2016-10-25 21:41 - 2015-11-21 18:49 - 01344000 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2016-10-25 21:41 - 2015-11-21 18:47 - 00522240 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2016-10-25 21:41 - 2015-11-21 18:40 - 00414208 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2016-10-25 21:34 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-10-25 21:34 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2016-10-25 21:34 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-10-25 21:34 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-10-25 21:34 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-10-25 21:34 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-10-25 21:34 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2016-10-25 21:34 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2016-10-25 21:34 - 2016-01-10 19:50 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\cfgbkend.dll
2016-10-25 21:34 - 2016-01-10 19:31 - 00162304 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-10-25 21:34 - 2016-01-10 19:16 - 00898048 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-10-25 21:34 - 2016-01-10 19:14 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\cfgbkend.dll
2016-10-25 21:34 - 2016-01-10 19:12 - 00532480 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-10-25 21:34 - 2016-01-10 18:58 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-10-25 21:34 - 2016-01-10 18:51 - 00702976 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-10-25 21:34 - 2016-01-10 18:49 - 00443392 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-10-25 21:34 - 2016-01-10 18:40 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-10-25 21:34 - 2014-10-29 03:25 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2016-10-25 21:34 - 2014-10-29 03:02 - 00072704 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2016-10-25 21:26 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-10-25 21:26 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2016-10-25 21:25 - 2015-12-02 17:04 - 00670208 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-10-25 21:25 - 2015-12-02 17:01 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-10-25 21:25 - 2015-11-05 10:59 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2016-10-25 21:25 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-10-25 21:25 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-10-25 21:25 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-10-25 21:25 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-10-25 21:25 - 2014-10-29 06:03 - 00116032 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-10-25 21:25 - 2014-10-29 04:44 - 00110080 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-10-25 21:25 - 2014-10-29 04:42 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\wshrm.dll
2016-10-25 21:25 - 2014-10-29 04:22 - 00428032 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-10-25 21:25 - 2014-10-29 03:58 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshrm.dll
2016-10-25 21:25 - 2014-10-29 03:42 - 00325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-10-25 21:16 - 2016-01-10 19:02 - 00987648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-10-25 21:16 - 2016-01-10 18:43 - 00801792 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-10-25 21:15 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.dll
2016-10-25 21:15 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 02745184 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 02528784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 02450240 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 02447136 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 02334104 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 02324744 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 01877504 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 01798480 ____C (Microsoft Corporation) C:\windows\system32\WMALFXGFXDSP.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 01484888 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 01288128 _____ (Microsoft Corporation) C:\windows\system32\mfnetsrc.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 01210200 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 01150232 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 01115640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetsrc.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 01037680 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00914672 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00850680 _____ (Microsoft Corporation) C:\windows\system32\mfnetcore.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 00735496 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 00700360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetcore.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 00629600 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00584656 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 00557856 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00498472 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 00492736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00463776 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00399776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 00299080 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00275312 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00274280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00250520 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00248432 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00246856 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00244296 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 00229272 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00203016 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00184912 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00183856 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00116720 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00110544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 00099136 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-10-25 21:15 - 2015-12-05 07:58 - 00090904 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 00090392 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 00081032 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-10-25 21:15 - 2015-12-05 07:58 - 00076936 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-10-25 21:15 - 2015-12-03 20:07 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-10-25 21:15 - 2015-12-03 20:07 - 00289792 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-10-25 21:15 - 2015-12-03 20:05 - 00644608 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-10-25 21:15 - 2015-12-03 20:02 - 01664000 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-10-25 21:15 - 2015-12-03 20:00 - 00451072 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-10-25 21:15 - 2015-12-03 19:58 - 00378880 ____C (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-10-25 21:15 - 2015-12-03 19:36 - 01697792 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-10-25 21:15 - 2015-12-03 19:30 - 00468480 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-10-25 21:15 - 2015-12-03 19:28 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-10-25 21:15 - 2015-12-03 19:28 - 00245760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-10-25 21:15 - 2015-12-03 19:27 - 00736256 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-10-25 21:15 - 2015-12-03 19:24 - 01411584 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-10-25 21:15 - 2015-12-03 19:23 - 00402432 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-10-25 21:15 - 2015-12-03 19:06 - 01501184 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-10-25 21:15 - 2015-12-03 19:01 - 00743936 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-10-25 21:15 - 2015-12-03 18:40 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-10-25 21:15 - 2015-12-03 18:29 - 00887296 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-10-25 21:15 - 2014-10-29 05:58 - 00014528 ____C (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-10-25 21:15 - 2014-10-29 05:52 - 00022208 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-10-25 21:15 - 2014-10-29 05:07 - 00019096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2016-10-25 21:15 - 2014-10-29 04:47 - 00089088 ____C (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-10-25 21:15 - 2014-10-29 04:46 - 00272384 ____C (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-10-25 21:11 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
2016-10-25 21:11 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2016-10-25 21:11 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2016-10-25 21:11 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2016-10-25 21:11 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2016-10-25 21:11 - 2016-01-30 21:50 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2016-10-25 21:11 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\puiapi.dll
2016-10-25 21:11 - 2016-01-30 20:48 - 00269312 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2016-10-25 21:11 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2016-10-25 21:11 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiapi.dll
2016-10-25 21:11 - 2016-01-30 19:41 - 00203776 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll
2016-10-25 21:11 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\ntprint.exe
2016-10-25 21:11 - 2014-10-29 04:42 - 00021504 _____ (Microsoft Corporation) C:\windows\system32\wpnpinst.exe
2016-10-25 21:11 - 2014-10-29 04:33 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\inetppui.dll
2016-10-25 21:11 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.exe
2016-10-25 21:10 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-10-25 21:10 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-10-25 21:10 - 2015-10-13 19:10 - 00559616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2016-10-25 21:10 - 2015-10-13 19:10 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2016-10-25 21:10 - 2014-12-09 05:45 - 00393728 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2016-10-25 21:10 - 2014-12-09 03:56 - 00538624 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2016-10-25 21:10 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2016-10-25 21:10 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2016-10-25 21:10 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2016-10-25 21:09 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-10-25 21:09 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-10-25 21:09 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-10-25 21:03 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\windows\SysWOW64\atlthunk.dll
2016-10-25 21:03 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\atlthunk.dll
2016-10-25 20:42 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2016-10-25 20:42 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2016-10-25 20:42 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2016-10-25 20:42 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2016-10-25 20:41 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2016-10-25 20:41 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2016-10-25 20:41 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2016-10-25 20:41 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2016-10-25 20:41 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2016-10-25 20:41 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2016-10-25 20:41 - 2014-10-29 04:43 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2016-10-25 20:41 - 2014-10-29 04:17 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2016-10-25 20:41 - 2014-10-29 03:58 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2016-10-25 20:41 - 2014-10-29 03:38 - 00087552 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2016-10-25 20:41 - 2014-10-29 03:26 - 00046592 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2016-10-25 20:41 - 2014-10-29 03:26 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2016-10-25 20:41 - 2014-10-29 03:04 - 00041472 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2016-10-25 20:41 - 2014-10-29 03:04 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2016-10-25 20:40 - 2015-09-24 18:42 - 00348672 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll
2016-10-25 20:40 - 2015-09-24 18:40 - 00737280 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2016-10-25 20:40 - 2014-10-29 04:13 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\BdeUISrv.exe
2016-10-25 20:40 - 2014-10-29 03:26 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\BitLockerDeviceEncryption.exe
2016-10-25 20:40 - 2014-10-29 03:16 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2016-10-25 20:38 - 2016-02-05 21:07 - 00292696 _____ (Microsoft Corporation) C:\windows\system32\WMASF.DLL
2016-10-25 20:38 - 2016-02-05 21:07 - 00243032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMASF.DLL
2016-10-25 20:38 - 2016-02-05 17:03 - 15432704 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-10-25 20:38 - 2016-02-05 17:00 - 13318144 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-10-25 20:38 - 2014-10-29 04:45 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-10-25 20:38 - 2014-10-29 04:45 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-10-25 20:38 - 2014-10-29 04:33 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\LAPRXY.DLL
2016-10-25 20:38 - 2014-10-29 04:08 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-10-25 20:38 - 2014-10-29 04:00 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2016-10-25 20:38 - 2014-10-29 04:00 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2016-10-25 20:38 - 2014-10-29 03:51 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\LAPRXY.DLL
2016-10-25 20:38 - 2014-10-29 03:32 - 00008704 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2016-10-25 18:01 - 2016-10-31 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-10-25 03:41 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-10-25 03:41 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-10-25 00:26 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2016-10-25 00:26 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2016-10-25 00:26 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2016-10-25 00:26 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2016-10-25 00:01 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-10-25 00:01 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-24 12:00 - 2016-07-18 16:54 - 00000000 ____D C:\Users\Dell\AppData\Roaming\vlc
2016-11-24 11:45 - 2016-07-19 18:29 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2699064319-4166293819-890525629-1001UA.job
2016-11-24 11:26 - 2013-08-22 17:36 - 00000000 ____D C:\windows\tracing
2016-11-24 10:05 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\ELAM
2016-11-24 10:03 - 2015-01-15 18:50 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-11-24 10:02 - 2016-10-07 17:30 - 00008192 _____ C:\windows\SysWOW64\WDPABKP.dat
2016-11-24 10:00 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-11-24 09:59 - 2016-08-11 23:24 - 00000000 ____D C:\Users\Dell\AppData\Roaming\uTorrent
2016-11-24 09:59 - 2015-09-11 16:31 - 00003950 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{F6C8DDB0-E23F-4AAE-AFB8-1839773FEFA2}
2016-11-23 19:45 - 2016-07-19 18:29 - 00000884 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2699064319-4166293819-890525629-1001Core.job
2016-11-23 14:50 - 2015-09-11 16:18 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2699064319-4166293819-890525629-1001
2016-11-23 09:05 - 2015-09-11 16:12 - 00000000 ____D C:\Users\Dell
2016-11-22 21:47 - 2016-10-06 19:14 - 00000000 ____D C:\Users\Dell\Desktop\iheb
2016-11-22 19:19 - 2015-09-11 16:31 - 00000000 ____D C:\KMPlayer
2016-11-21 20:46 - 2016-07-19 19:02 - 00000000 ____D C:\Users\Dell\AppData\Roaming\ViberPC
2016-11-21 20:29 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2016-11-21 20:01 - 2013-08-22 15:25 - 00786432 ___SH C:\windows\system32\config\BBI
2016-11-21 19:47 - 2015-09-11 16:37 - 00000000 ____D C:\Users\Dell\AppData\Roaming\IDM
2016-11-21 18:34 - 2015-09-11 16:31 - 00776610 _____ C:\windows\system32\perfh00C.dat
2016-11-21 18:34 - 2015-09-11 16:31 - 00431632 _____ C:\windows\system32\perfh001.dat
2016-11-21 18:34 - 2015-09-11 16:31 - 00149292 _____ C:\windows\system32\perfc00C.dat
2016-11-21 18:34 - 2015-09-11 16:31 - 00065296 _____ C:\windows\system32\perfc001.dat
2016-11-21 18:34 - 2015-01-15 18:15 - 02274834 _____ C:\windows\system32\PerfStringBackup.INI
2016-11-21 13:57 - 2016-08-30 18:12 - 00000000 ____D C:\Users\Dell\Documents\GTA San Andreas User Files
2016-11-19 22:27 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2016-11-16 14:37 - 2015-09-11 16:12 - 00000000 ____D C:\Users\Dell\AppData\Local\VirtualStore
2016-11-15 02:31 - 2015-09-11 16:38 - 00002385 _____ C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-15 02:31 - 2015-09-11 16:38 - 00002377 _____ C:\Users\Dell\Desktop\Google Chrome.lnk
2016-11-11 20:38 - 2015-09-11 16:35 - 00000000 ____D C:\FFOutput
2016-11-11 20:33 - 2015-09-11 16:13 - 00000000 ____D C:\Users\Dell\Desktop\lina
2016-11-08 18:40 - 2016-10-07 13:49 - 00000000 __SHD C:\Users\Dell\AppData\LocalLow\EmieSiteList
2016-11-02 19:53 - 2015-09-11 16:37 - 00000000 ____D C:\Users\Dell\Downloads\Compressed
2016-11-02 19:38 - 2016-09-24 12:50 - 00000000 ____D C:\Users\Dell\Downloads\Imen
2016-11-01 22:52 - 2015-09-11 16:37 - 00000000 ____D C:\Users\Dell\Downloads\Video
2016-11-01 20:04 - 2015-01-15 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-11-01 20:03 - 2015-01-15 18:55 - 00000000 ____D C:\ProgramData\PCDr
2016-11-01 19:09 - 2015-09-11 16:38 - 00000000 ____D C:\Users\Dell\AppData\Local\Google
2016-10-30 02:58 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache
2016-10-30 02:04 - 2016-08-09 09:59 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-29 00:10 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-28 13:37 - 2015-09-11 16:12 - 00000000 ____D C:\Users\Dell\AppData\Local\Packages
2016-10-26 04:21 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData
2016-10-26 04:20 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2016-10-25 19:03 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\NDF

==================== Files in the root of some directories =======

2016-11-21 22:52 - 2016-11-21 22:52 - 0809744 _____ () C:\ProgramData\1479760369.bdinstall.bin
2015-01-15 20:03 - 2015-01-15 20:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-15 18:49 - 2015-01-15 18:49 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-01-15 18:43 - 2015-01-15 18:44 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-01-15 18:44 - 2015-01-15 18:46 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2015-01-15 18:46 - 2015-01-15 18:48 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-01-15 18:42 - 2015-01-15 18:43 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\Dell\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Dell\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Dell\AppData\Local\Temp\GUR68E0.exe
C:\Users\Dell\AppData\Local\Temp\{50C0A2FE-7A7C-4CCE-BF9D-07B4B3000E07}-53.0.2785.143_53.0.2785.116_chrome_updater.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-17 19:10

==================== End of FRST.txt ============================
