Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2016 Ran by Spirit (administrator) on TIMELINE (12-12-2016 13:49:13) Running from C:\Users\Spirit\Desktop Loaded Profiles: Spirit (Available Profiles: Spirit & DefaultAppPool) Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: Engels (Verenigde Staten) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Digital Care Solutions) C:\Program Files\BDServices\BitDefenderCOM.exe (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe (Symantec Corporation) C:\Program Files\Norton 360\Norton 360\Engine\22.7.0.76\n360.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Symantec Corporation) C:\Program Files\Norton 360\Norton 360\Engine\22.7.0.76\n360.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Symantec Corporation) C:\Program Files\Norton 360\Norton 360\Engine\22.7.0.76\conathst.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x86__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1565992 2009-09-17] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8522272 2010-02-22] (Realtek Semiconductor) HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation) HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [233472 2010-02-05] (Alcor Micro Corp.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation) HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation) HKU\S-1-5-21-1562041459-4216995153-4248193827-1000\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation) HKU\S-1-5-21-1562041459-4216995153-4248193827-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Norton 360\Engine\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Norton 360\Engine\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Norton 360\Engine\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{c80dba08-8b4a-4ccb-85c7-67a85690b031}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1562041459-4216995153-4248193827-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={913D0C24-2019-427D-B9F5-BBABF505E3EC}&mid=7a30b08f7d3547cc83c31943efa55854-2fdfe6a086471786d79d673ddbd8e9df32e13e35&lang=en&ds=AVG&coid=avgtbavg&cmpid=0916avz&pr=fr&d=2016-09-17 08:46:51&v=4.3.5.160&pid=wtu&sg=&sap=hp SearchScopes: HKU\S-1-5-21-1562041459-4216995153-4248193827-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={913D0C24-2019-427D-B9F5-BBABF505E3EC}&mid=7a30b08f7d3547cc83c31943efa55854-2fdfe6a086471786d79d673ddbd8e9df32e13e35&lang=en&ds=AVG&coid=avgtbavg&cmpid=0916avz&pr=fr&d=2016-09-17 08:46:51&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1562041459-4216995153-4248193827-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1562041459-4216995153-4248193827-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={913D0C24-2019-427D-B9F5-BBABF505E3EC}&mid=7a30b08f7d3547cc83c31943efa55854-2fdfe6a086471786d79d673ddbd8e9df32e13e35&lang=en&ds=AVG&coid=avgtbavg&cmpid=0916avz&pr=fr&d=2016-09-17 08:46:51&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1562041459-4216995153-4248193827-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1011&geo=BE&ver=22&locale=nl_BE&gct=kwd&qsrc=2869 BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Norton 360\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Norton 360\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation) Toolbar: HKU\S-1-5-21-1562041459-4216995153-4248193827-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Norton 360\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation) Toolbar: HKU\S-1-5-21-1562041459-4216995153-4248193827-1000 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security) FireFox: ======== FF ProfilePath: C:\Users\Spirit\AppData\Roaming\Mozilla\Firefox\Profiles\r034sjn6.default-1478178380435 [2016-12-12] FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon FF Extension: (Norton Identity Safe) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2016-12-12] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-19] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google) FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [No File] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton 360\Norton 360\Engine\22.7.0.76\Exts\Chrome.crx [2016-12-12] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [807936 2016-03-05] (Digital Care Solutions) [File not signed] R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3381200 2016-11-29] (Malwarebytes) R2 N360; C:\Program Files\Norton 360\Norton 360\Engine\22.8.0.50\N360.exe [289080 2016-09-24] (Symantec Corporation) S3 scan; C:\Program Files\BDServices\scan.dll [502504 2016-02-22] (Bitdefender) R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [991192 2016-10-28] (McAfee, Inc.) R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [17304 2016-10-28] (McAfee, Inc.) S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [73968 2016-10-28] (McAfee, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation) S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X] S3 Sense; "%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [25600 2009-05-26] (Alcor Micro, Corp.) R1 BHDrvx86; C:\Program Files\Norton 360\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20161208.001\BHDrvx86.sys [1378520 2016-12-08] (Symantec Corporation) R1 ccSet_N360; C:\WINDOWS\system32\drivers\N360\1608000.032\ccSetx86.sys [137456 2016-06-02] (Symantec Corporation) S3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [25104 2015-03-04] (Disc Soft Ltd) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [388824 2016-09-22] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [124632 2016-09-22] (Symantec Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [59968 2016-11-29] () R1 IDSVix86; C:\Program Files\Norton 360\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20161208.005\IDSvix86.sys [768728 2016-12-08] (Symantec Corporation) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [87496 2016-12-12] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [39360 2016-12-12] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [219072 2016-12-12] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [73152 2016-12-12] (Malwarebytes) S3 MRV6X32U; C:\WINDOWS\System32\drivers\MRVW23B.sys [231040 2006-12-22] (Marvell Semiconductor, Inc) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] () R3 NETwNs32; C:\WINDOWS\System32\drivers\Netwsn00.sys [10372096 2016-07-16] (Intel Corporation) R3 SRTSP; C:\WINDOWS\System32\Drivers\N360\1607000.04C\SRTSP.SYS [625912 2016-06-02] (Symantec Corporation) R1 SRTSPX; C:\WINDOWS\system32\drivers\N360\1608000.032\SRTSPX.SYS [43248 2016-09-23] (Symantec Corporation) R3 STHall; C:\WINDOWS\System32\drivers\STHall.sys [18792 2009-11-25] (ST Microelectronics) R0 SymEFASI; C:\WINDOWS\System32\drivers\N360\1608000.032\SYMEFASI.SYS [1291992 2016-09-23] (Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\N360\1608000.032\SYMELAM.SYS [22144 2015-07-11] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [87792 2016-12-12] (Symantec Corporation) R1 SymIRON; C:\WINDOWS\system32\drivers\N360\1608000.032\Ironx86.SYS [229616 2016-09-23] (Symantec Corporation) R3 SymNetS; C:\WINDOWS\System32\Drivers\N360\1607000.04C\SYMNETS.SYS [423152 2016-06-02] (Symantec Corporation) S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [408280 2016-02-22] (BitDefender S.R.L.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation) U3 idsvc; no ImagePath S3 NAVENG; \??\C:\Program Files\Norton 360\Norton 360\NortonData\22.5.2.15\Definitions\SDSDefs\20161211.017\NAVENG.SYS [X] S3 NAVEX15; \??\C:\Program Files\Norton 360\Norton 360\NortonData\22.5.2.15\Definitions\SDSDefs\20161211.017\NAVEX15.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-12 13:49 - 2016-12-12 13:50 - 00014571 _____ C:\Users\Spirit\Desktop\FRST.txt 2016-12-12 13:48 - 2016-12-12 13:49 - 00000000 ____D C:\FRST 2016-12-12 13:47 - 2016-12-12 13:47 - 01761792 _____ (Farbar) C:\Users\Spirit\Desktop\FRST.exe 2016-12-12 13:38 - 2016-12-12 13:38 - 00081975 _____ C:\Users\Spirit\Downloads\Bevestiging_van_uw_wijziging.pdf 2016-12-12 11:50 - 2016-12-12 11:50 - 00002419 _____ C:\Users\Public\Desktop\Norton 360.lnk 2016-12-12 10:25 - 2016-12-12 10:25 - 00000000 ____D C:\Users\Spirit\AppData\Local\NetworkTiles 2016-12-12 10:04 - 2016-12-12 10:04 - 00000000 ____D C:\zoek 2016-12-12 09:26 - 2016-12-12 10:13 - 00003073 _____ C:\runcheck.txt 2016-12-10 11:38 - 2016-12-10 11:38 - 51969976 _____ (Malwarebytes ) C:\Users\Spirit\Downloads\mb3-setup-cb.NT-3.0.4.1269.exe 2016-12-10 11:18 - 2016-12-10 11:18 - 16706160 _____ (Netopsystems AG) C:\Users\Spirit\Downloads\AdbeRdr60_enu_full(1).exe 2016-12-10 11:14 - 2016-12-10 11:14 - 16706160 _____ (Netopsystems AG) C:\Users\Spirit\Downloads\AdbeRdr60_enu_full.exe 2016-12-10 11:14 - 2016-12-10 11:14 - 00000000 ____D C:\WINDOWS\Cache 2016-12-10 10:16 - 2016-11-11 09:07 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2016-12-10 10:16 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll 2016-12-10 10:16 - 2016-11-11 09:00 - 06019936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-12-10 10:16 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2016-12-10 10:16 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2016-12-10 10:16 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2016-12-10 10:16 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2016-12-10 10:16 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-12-10 10:16 - 2016-11-11 08:47 - 01897824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-12-10 10:16 - 2016-11-11 08:47 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-12-10 10:16 - 2016-11-11 08:47 - 00550752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-12-10 10:16 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-12-10 10:16 - 2016-11-11 08:47 - 00342368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-12-10 10:16 - 2016-11-11 08:45 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-12-10 10:16 - 2016-11-11 08:45 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-12-10 10:16 - 2016-11-11 08:45 - 00261984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-12-10 10:16 - 2016-11-11 08:45 - 00175968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2016-12-10 10:16 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-12-10 10:16 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-12-10 10:16 - 2016-11-11 08:42 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-12-10 10:16 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2016-12-10 10:16 - 2016-11-11 08:42 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-12-10 10:16 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-12-10 10:16 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll 2016-12-10 10:16 - 2016-11-11 08:41 - 00198488 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-12-10 10:16 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-12-10 10:16 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2016-12-10 10:16 - 2016-11-11 08:27 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll 2016-12-10 10:16 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe 2016-12-10 10:16 - 2016-11-11 08:26 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-12-10 10:16 - 2016-11-11 08:26 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-12-10 10:16 - 2016-11-11 08:25 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2016-12-10 10:16 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-12-10 10:16 - 2016-11-11 08:25 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2016-12-10 10:16 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2016-12-10 10:16 - 2016-11-11 08:24 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2016-12-10 10:16 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll 2016-12-10 10:16 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-12-10 10:16 - 2016-11-11 08:24 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2016-12-10 10:16 - 2016-11-11 08:24 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-12-10 10:16 - 2016-11-11 08:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2016-12-10 10:16 - 2016-11-11 08:23 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2016-12-10 10:16 - 2016-11-11 08:23 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-12-10 10:16 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-12-10 10:16 - 2016-11-11 08:23 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2016-12-10 10:16 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-12-10 10:16 - 2016-11-11 08:22 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll 2016-12-10 10:16 - 2016-11-11 08:22 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll 2016-12-10 10:16 - 2016-11-11 08:21 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-12-10 10:16 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-12-10 10:16 - 2016-11-11 08:21 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2016-12-10 10:16 - 2016-11-11 08:21 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-12-10 10:16 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2016-12-10 10:16 - 2016-11-11 08:20 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe 2016-12-10 10:16 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-12-10 10:16 - 2016-11-11 08:19 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2016-12-10 10:16 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2016-12-10 10:16 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2016-12-10 10:16 - 2016-11-11 08:18 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-12-10 10:16 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2016-12-10 10:16 - 2016-11-11 08:18 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2016-12-10 10:16 - 2016-11-11 08:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll 2016-12-10 10:16 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2016-12-10 10:16 - 2016-11-11 08:17 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-12-10 10:16 - 2016-11-11 08:17 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-12-10 10:16 - 2016-11-11 08:16 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-12-10 10:16 - 2016-11-11 08:16 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-12-10 10:16 - 2016-11-11 08:15 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-12-10 10:16 - 2016-11-11 08:15 - 01722368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-12-10 10:16 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2016-12-10 10:16 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-12-10 10:16 - 2016-11-11 08:15 - 00561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2016-12-10 10:16 - 2016-11-11 08:15 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2016-12-10 10:16 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll 2016-12-10 10:16 - 2016-11-11 08:15 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2016-12-10 10:16 - 2016-11-11 08:14 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-12-10 10:16 - 2016-11-11 08:14 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-12-10 10:16 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-12-10 10:16 - 2016-11-11 08:13 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-12-10 10:16 - 2016-11-11 08:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-12-10 10:16 - 2016-11-11 08:13 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-12-10 10:16 - 2016-11-11 08:12 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-12-10 10:16 - 2016-11-11 08:12 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2016-12-10 10:16 - 2016-11-11 08:12 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2016-12-10 10:16 - 2016-11-11 08:12 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll 2016-12-10 10:16 - 2016-11-11 08:11 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-12-10 10:16 - 2016-11-11 08:11 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-12-10 10:16 - 2016-11-11 08:10 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-12-10 10:16 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-12-10 10:16 - 2016-11-11 08:10 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll 2016-12-10 10:16 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-12-10 10:16 - 2016-11-11 08:09 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2016-12-10 10:16 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-12-10 10:16 - 2016-11-11 08:06 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-12-10 10:16 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2016-12-10 10:16 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2016-12-10 10:16 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-12-10 10:16 - 2016-11-11 08:05 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-12-10 10:16 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-12-10 10:16 - 2016-11-11 08:04 - 01887232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-12-10 10:16 - 2016-11-11 08:04 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-12-10 10:16 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-12-10 10:16 - 2016-11-11 08:04 - 01235456 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-12-10 10:16 - 2016-11-11 08:04 - 00920576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-12-10 10:16 - 2016-11-11 08:04 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2016-12-10 10:16 - 2016-11-11 08:04 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-12-10 10:16 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-12-10 10:16 - 2016-11-11 08:04 - 00706048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-12-10 10:16 - 2016-11-11 08:04 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2016-12-10 10:16 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-12-10 10:16 - 2016-11-11 08:03 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-12-10 10:16 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-12-10 10:16 - 2016-11-11 08:03 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-12-10 10:16 - 2016-11-11 08:03 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2016-12-10 10:16 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-12-10 10:16 - 2016-11-11 08:01 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-12-10 10:15 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-12-10 10:15 - 2016-11-11 09:07 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll 2016-12-10 10:15 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2016-12-10 10:15 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-12-10 10:15 - 2016-11-11 09:00 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-12-10 10:15 - 2016-11-11 08:59 - 01586736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-12-10 10:15 - 2016-11-11 08:59 - 00292192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2016-12-10 10:15 - 2016-11-11 08:59 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-12-10 10:15 - 2016-11-11 08:56 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-10 10:15 - 2016-11-11 08:56 - 00583136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2016-12-10 10:15 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll 2016-12-10 10:15 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-12-10 10:15 - 2016-11-11 08:47 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-12-10 10:15 - 2016-11-11 08:46 - 00186720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-12-10 10:15 - 2016-11-11 08:45 - 00355680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-12-10 10:15 - 2016-11-11 08:42 - 06668032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-12-10 10:15 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-12-10 10:15 - 2016-11-11 08:42 - 00313088 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-12-10 10:15 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll 2016-12-10 10:15 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-12-10 10:15 - 2016-11-11 08:41 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-12-10 10:15 - 2016-11-11 08:41 - 00802608 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2016-12-10 10:15 - 2016-11-11 08:41 - 00675568 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-12-10 10:15 - 2016-11-11 08:37 - 00381720 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2016-12-10 10:15 - 2016-11-11 08:30 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-12-10 10:15 - 2016-11-11 08:29 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll 2016-12-10 10:15 - 2016-11-11 08:27 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2016-12-10 10:15 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-12-10 10:15 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe 2016-12-10 10:15 - 2016-11-11 08:25 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys 2016-12-10 10:15 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2016-12-10 10:15 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-12-10 10:15 - 2016-11-11 08:22 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2016-12-10 10:15 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2016-12-10 10:15 - 2016-11-11 08:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-12-10 10:15 - 2016-11-11 08:22 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe 2016-12-10 10:15 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-12-10 10:15 - 2016-11-11 08:21 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2016-12-10 10:15 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2016-12-10 10:15 - 2016-11-11 08:20 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-12-10 10:15 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-12-10 10:15 - 2016-11-11 08:20 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2016-12-10 10:15 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2016-12-10 10:15 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll 2016-12-10 10:15 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2016-12-10 10:15 - 2016-11-11 08:19 - 00384512 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-12-10 10:15 - 2016-11-11 08:19 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-12-10 10:15 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2016-12-10 10:15 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2016-12-10 10:15 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe 2016-12-10 10:15 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-12-10 10:15 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll 2016-12-10 10:15 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2016-12-10 10:15 - 2016-11-11 08:18 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2016-12-10 10:15 - 2016-11-11 08:18 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-12-10 10:15 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll 2016-12-10 10:15 - 2016-11-11 08:18 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2016-12-10 10:15 - 2016-11-11 08:17 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2016-12-10 10:15 - 2016-11-11 08:17 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2016-12-10 10:15 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2016-12-10 10:15 - 2016-11-11 08:16 - 01377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-12-10 10:15 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-12-10 10:15 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-12-10 10:15 - 2016-11-11 08:14 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2016-12-10 10:15 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-12-10 10:15 - 2016-11-11 08:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-12-10 10:15 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll 2016-12-10 10:15 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2016-12-10 10:15 - 2016-11-11 08:09 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-12-10 10:15 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll 2016-12-10 10:15 - 2016-11-11 08:07 - 03776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-12-10 10:15 - 2016-11-11 08:07 - 01948160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-12-10 10:15 - 2016-11-11 08:07 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2016-12-10 10:15 - 2016-11-11 08:07 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll 2016-12-10 10:15 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-12-10 10:15 - 2016-11-11 08:06 - 01602048 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-12-10 10:15 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2016-12-10 10:15 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxclu.dll 2016-12-10 10:15 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-12-10 10:15 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-12-10 10:15 - 2016-11-11 08:05 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-12-10 10:15 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2016-12-10 10:15 - 2016-11-11 08:04 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-12-10 10:15 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2016-12-10 10:15 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2016-12-10 10:15 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2016-12-10 10:15 - 2016-11-11 08:02 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2016-12-09 09:40 - 2016-12-10 11:42 - 00153024 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2016-12-09 09:39 - 2016-12-12 12:00 - 00087496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2016-12-09 09:39 - 2016-12-12 12:00 - 00073152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2016-12-09 09:39 - 2016-12-12 11:59 - 00219072 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-12-09 09:39 - 2016-12-12 11:59 - 00039360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-12-09 09:39 - 2016-12-10 11:41 - 00002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2016-12-09 09:39 - 2016-12-10 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2016-12-09 09:39 - 2016-11-29 06:27 - 00059968 _____ C:\WINDOWS\system32\Drivers\mbae.sys 2016-12-09 09:38 - 2016-12-09 09:38 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-12-09 09:38 - 2016-12-09 09:38 - 00000000 ____D C:\Program Files\Malwarebytes 2016-12-09 09:36 - 2016-12-09 09:36 - 51969976 _____ (Malwarebytes ) C:\Users\Spirit\Downloads\mb3-setup-consumer-3.0.4.1269.exe 2016-12-09 09:05 - 2016-12-09 09:05 - 01107968 _____ C:\Users\Spirit\Downloads\RSIT(1).exe 2016-12-08 11:56 - 2016-12-12 12:29 - 00087792 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 2016-12-08 11:56 - 2016-12-12 12:29 - 00008234 _____ C:\WINDOWS\system32\Drivers\SYMEVENT.CAT 2016-12-08 11:56 - 2016-12-08 11:55 - 00103152 _____ (Symantec Corporation) C:\WINDOWS\SMSS-PFRO64d4.tmp 2016-12-08 11:55 - 2016-12-10 13:49 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2016-12-08 11:51 - 2016-12-12 12:27 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360 2016-12-08 11:51 - 2016-12-12 11:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2016-12-08 11:50 - 2016-12-08 11:50 - 00000000 ____D C:\Program Files\NortonInstaller 2016-12-08 11:44 - 2016-12-12 10:06 - 00000000 ____D C:\Users\Spirit\AppData\Local\CrashDumps 2016-12-07 12:23 - 2016-12-08 11:51 - 00000000 ____D C:\Program Files\Norton 360 2016-12-07 12:22 - 2016-12-08 11:46 - 00000000 ____D C:\ProgramData\NortonInstaller 2016-12-07 12:21 - 2016-12-08 11:51 - 00000000 ____D C:\ProgramData\Norton 2016-12-07 12:21 - 2016-12-08 11:45 - 00001403 _____ C:\Users\Spirit\Desktop\Norton Installation Files.lnk 2016-12-07 12:21 - 2016-12-07 12:21 - 01111624 _____ (Symantec Corporation) C:\Users\Spirit\Downloads\Norton_Download_Manager.exe 2016-12-07 12:21 - 2016-12-07 12:21 - 00000000 ____D C:\Users\Public\Downloads\Norton 2016-12-01 09:19 - 2016-12-01 09:19 - 02689892 _____ C:\Users\Spirit\Documents\mijn eigendom.CDR 2016-11-30 10:09 - 2016-11-30 10:09 - 02749758 _____ C:\Users\Spirit\Documents\kleerkast.CDR 2016-11-21 08:41 - 2016-11-21 08:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2016-11-19 08:58 - 2016-11-19 08:58 - 00000000 ____D C:\Users\Spirit\AppData\Local\tkdata 2016-11-19 08:56 - 2016-12-10 08:45 - 00001348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk 2016-11-19 08:56 - 2016-11-19 08:56 - 00001334 _____ C:\Users\Public\Desktop\True Key.lnk 2016-11-19 08:56 - 2016-11-19 08:56 - 00000000 ____D C:\ProgramData\TrueKey 2016-11-19 08:55 - 2016-11-19 08:55 - 00000000 ____D C:\Program Files\Intel Security 2016-11-19 08:51 - 2016-12-10 13:30 - 00000000 ____D C:\Program Files\Common Files\AV 2016-11-19 08:51 - 2016-11-19 08:51 - 00000000 ____D C:\Program Files\Common Files\McAfee 2016-11-19 08:40 - 2016-12-10 13:21 - 00000000 ____D C:\Program Files\TrueKey 2016-11-18 15:00 - 2016-12-12 13:08 - 00000000 ____D C:\Users\Spirit\AppData\LocalLow\Mozilla 2016-11-18 10:09 - 2016-11-18 10:09 - 00210602 _____ C:\Users\Spirit\Downloads\Untitled(1) 2016-11-18 10:08 - 2016-11-18 10:08 - 00210602 _____ C:\Users\Spirit\Downloads\Untitled 2016-11-18 09:57 - 2016-12-07 15:51 - 00000000 ____D C:\Program Files\Mozilla Firefox ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-12 13:10 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF 2016-12-12 13:08 - 2015-03-15 18:36 - 00000000 ____D C:\Users\Spirit\AppData\Roaming\Skype 2016-12-12 13:03 - 2016-10-31 04:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-12-12 11:56 - 2016-10-31 13:01 - 00642380 _____ C:\WINDOWS\system32\perfh013.dat 2016-12-12 11:56 - 2016-10-31 13:01 - 00137706 _____ C:\WINDOWS\system32\perfc013.dat 2016-12-12 11:56 - 2016-10-31 04:25 - 01904584 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-12-12 11:50 - 2016-07-16 09:29 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-12-12 11:49 - 2016-10-31 04:46 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-12-12 11:47 - 2016-07-16 03:22 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-12-12 11:46 - 2016-10-31 04:26 - 00000000 ____D C:\Users\Spirit 2016-12-12 10:06 - 2016-03-20 09:56 - 00000000 ____D C:\zoek_backup 2016-12-11 09:54 - 2015-03-20 08:49 - 00000000 ____D C:\Users\Spirit\AppData\Roaming\vlc 2016-12-11 08:42 - 2016-07-16 03:22 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2016-12-10 13:32 - 2015-09-10 05:16 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-12-10 13:26 - 2016-10-31 04:19 - 00344312 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-12-10 13:23 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-12-10 13:23 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-12-10 13:23 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-12-10 13:23 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-12-10 13:23 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-12-10 13:23 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-12-10 13:23 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-12-10 13:23 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\servicing 2016-12-10 12:11 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-12-10 09:37 - 2015-03-30 11:05 - 00000000 ____D C:\Users\Spirit\Documents\corel snijwerken 2016-12-10 09:15 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-12-09 09:54 - 2016-11-06 10:34 - 00000000 ____D C:\Program Files\Opera 2016-12-09 09:51 - 2016-07-11 09:18 - 00000000 ____D C:\Users\Spirit\AppData\Roaming\ParetoLogic 2016-12-09 09:15 - 2016-03-20 09:29 - 00000000 ____D C:\Program Files\trend micro 2016-12-09 09:04 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps 2016-12-08 11:50 - 2016-07-11 09:17 - 00000000 ____D C:\Program Files\BDServices 2016-12-07 15:51 - 2015-03-04 07:05 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-11-28 10:11 - 2016-11-10 08:27 - 00000000 ____D C:\WINDOWS\Minidump 2016-11-27 12:41 - 2016-05-08 08:18 - 00000000 ___RD C:\Program Files\Skype 2016-11-27 12:41 - 2015-03-15 18:35 - 00000000 ____D C:\ProgramData\Skype 2016-11-23 08:38 - 2015-03-16 16:23 - 00000000 ____D C:\ProgramData\McAfee 2016-11-21 08:41 - 2015-05-12 07:58 - 00000000 ____D C:\Program Files\Google 2016-11-19 08:42 - 2015-03-04 07:08 - 00000940 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-11-19 08:40 - 2015-03-04 07:05 - 00000000 ____D C:\Users\Spirit\AppData\Local\Adobe 2016-11-19 08:39 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-11-13 08:28 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\rescache ==================== Files in the root of some directories ======= 2016-07-11 09:18 - 2016-12-09 09:55 - 0000053 _____ () C:\Users\Spirit\AppData\Roaming\LogFile.txt 2016-05-29 09:37 - 2016-09-12 09:26 - 0007597 _____ () C:\Users\Spirit\AppData\Local\resmon.resmoncfg Some files in TEMP: ==================== C:\Users\Spirit\AppData\Local\Temp\7za.exe C:\Users\Spirit\AppData\Local\Temp\DaS_21.exe C:\Users\Spirit\AppData\Local\Temp\hijackthis.exe C:\Users\Spirit\AppData\Local\Temp\NirCmd.exe C:\Users\Spirit\AppData\Local\Temp\PEVZ.EXE C:\Users\Spirit\AppData\Local\Temp\remove.exe C:\Users\Spirit\AppData\Local\Temp\sed.exe C:\Users\Spirit\AppData\Local\Temp\shortcut.exe C:\Users\Spirit\AppData\Local\Temp\swreg.exe C:\Users\Spirit\AppData\Local\Temp\swxcacls.exe C:\Users\Spirit\AppData\Local\Temp\wget.exe C:\Users\Spirit\AppData\Local\Temp\zoek-delete.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-12-06 10:53 ==================== End of FRST.txt ============================