Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017 Ran by paulinka (administrator) on PAULINKA-TOSH (09-05-2017 19:23:10) Running from C:\Users\paulinka\Desktop Loaded Profiles: paulinka (Available Profiles: paulinka) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Windows\System32\igfxpers.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Hola Networks Ltd.) C:\Program Files\Hola\app\hola.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (Spotify Ltd) C:\Users\paulinka\AppData\Roaming\Spotify\SpotifyWebHelper.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2168416 2017-02-22] (Hola Networks Ltd.) <===== ATTENTION HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-02] (Research In Motion Limited) HKLM-x32\...\Run: [fst_gb_13] => [X] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-21-1822749172-3988503527-1915266406-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-21-1822749172-3988503527-1915266406-1000\...\Run: [Spotify Web Helper] => C:\Users\paulinka\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2017-01-21] (Spotify Ltd) HKU\S-1-5-21-1822749172-3988503527-1915266406-1000\...\Run: [IPLA!] => C:\Program Files (x86)\ipla\ipla.exe [18681120 2017-02-22] (Cyfrowy Polsat S.A.) HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => No File AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => No File ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-03] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\paulinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP DeskJet 2130 series.lnk [2017-05-09] ShortcutTarget: Monitor Ink Alerts - HP DeskJet 2130 series.lnk -> C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP) CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:49192;https=127.0.0.1:49192 Tcpip\Parameters: [DhcpNameServer] 62.179.1.61 62.179.1.63 Tcpip\..\Interfaces\{A67812AC-635A-4CE6-9CDB-578377BA5FFC}: [DhcpNameServer] 62.179.1.61 62.179.1.63 Tcpip\..\Interfaces\{B1D3682A-A4F7-45E9-A899-294BD749EAD1}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.0.2.17 HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.0.2.17 HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.0.2.17 HKU\S-1-5-21-1822749172-3988503527-1915266406-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.0.2.17 URLSearchHook: HKU\S-1-5-21-1822749172-3988503527-1915266406-1000 - (No Name) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - No File SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_wnzp_14_23_ch&cd=2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Bzy0FyBtDyCzyyC0B0EtN0D0Tzu0SzzzzzytN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByE0D0D0E0A0D0BtG0Bzzzy0DtGyEyCyD0CtGyC0D0C0CtGyE0DyCyByE0FyCzytByCzz0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CyDzz0DyCtBtG0Czy0ByEtGyB0C0E0AtGtCtDyC0AtGyB0FyB0F0C0BtDtDzzyEyCyC2QtN1B1L1H1Ezu1O2U1M1B&cr=2116844849&ir= SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_20_ch&cd=2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Bzy0FyBtDyCzyyC0B0EtN0D0Tzu0SzzyCzztN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyE0E0C0EtD0CtAtCtGyBtA0B0FtGtA0Fzz0AtGtBzytDtDtGyBzytCyEzytByD0FtCyB0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CyDzz0DyCtBtG0Czy0ByEtGyB0C0E0AtGtCtDyC0AtGyB0FyB0F0C0BtDtDzzyEyCyC2Q&cr=1276797276&ir= SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1822749172-3988503527-1915266406-1000 -> DefaultScope {213BD86A-D8DE-47C7-AA9A-CF771C6850EF} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=C011GB91020D20150313&p={searchTerms} SearchScopes: HKU\S-1-5-21-1822749172-3988503527-1915266406-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=121150&babsrc=SP_ss&mntrId=6e7a96be00000000000074de2b037416 SearchScopes: HKU\S-1-5-21-1822749172-3988503527-1915266406-1000 -> {213BD86A-D8DE-47C7-AA9A-CF771C6850EF} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=C011GB91020D20150313&p={searchTerms} SearchScopes: HKU\S-1-5-21-1822749172-3988503527-1915266406-1000 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_wnzp_14_23_ch&cd=2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Bzy0FyBtDyCzyyC0B0EtN0D0Tzu0SzzzzzytN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByE0D0D0E0A0D0BtG0Bzzzy0DtGyEyCyD0CtGyC0D0C0CtGyE0DyCyByE0FyCzytByCzz0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CyDzz0DyCtBtG0Czy0ByEtGyB0C0E0AtGtCtDyC0AtGyB0FyB0F0C0BtDtDzzyEyCyC2QtN1B1L1H1Ezu1O2U1M1B&cr=2116844849&ir= SearchScopes: HKU\S-1-5-21-1822749172-3988503527-1915266406-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-1822749172-3988503527-1915266406-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_20_ch&cd=2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Bzy0FyBtDyCzyyC0B0EtN0D0Tzu0SzzyCzztN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyE0E0C0EtD0CtAtCtGyBtA0B0FtGtA0Fzz0AtGtBzytDtDtGyBzytCyEzytByD0FtCyB0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0CyDzz0DyCtBtG0Czy0ByEtGyB0C0E0AtGtCtDyC0AtGyB0FyB0F0C0BtDtDzzyEyCyC2Q&cr=1276797276&ir= BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-26] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: WinZip Courier BHO -> {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} -> C:\PROGRA~2\WINZIP~2\wzwmcie.dll => No File BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-26] (Oracle Corporation) Toolbar: HKU\S-1-5-21-1822749172-3988503527-1915266406-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-1822749172-3988503527-1915266406-1000 -> No Name - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - No File IE Session Restore: HKU\S-1-5-21-1822749172-3988503527-1915266406-1000 -> is enabled. Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-26] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-09-20] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1822749172-3988503527-1915266406-1000: facebook.com/fbDesktopPlugin -> C:\Users\paulinka\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.) Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\paulinka\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-05-09] CHR Extension: (Google Docs) - C:\Users\paulinka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-08] CHR Extension: (Google Drive) - C:\Users\paulinka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-08] CHR Extension: (YouTube) - C:\Users\paulinka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-08] CHR Extension: (Google Docs Offline) - C:\Users\paulinka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-08] CHR Extension: (MySearchDial) - C:\Users\paulinka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iagcajndpnfncplednpbnkahadegklfa [2017-05-08] CHR Extension: (Chrome Web Store Payments) - C:\Users\paulinka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-08] CHR Extension: (Gmail) - C:\Users\paulinka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-08] CHR Extension: (Chrome Media Router) - C:\Users\paulinka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-08] CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - hxxp://update.speedial.com/addons/iagc-ch.xml CHR HKU\S-1-5-21-1822749172-3988503527-1915266406-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1822749172-3988503527-1915266406-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - hxxp://update.speedial.com/addons/iagc-ch.xml CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - hxxp://update.speedial.com/addons/iagc-ch.xml CHR HKLM-x32\...\Chrome\Extension: [ilckobikkmajlmhhdenkhonjkoaneclk] - C:\Program Files (x86)\WinZip Courier\wzwmcgc.crx StartMenuInternet: Google Chrome.R7UGBHHLDKADMYR2SRVGFTQTX4 - C:\Users\paulinka\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] () R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [5622368 2017-02-22] (Hola Networks Ltd.) <==== ATTENTION R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [5615792 2016-07-20] (Hola Networks Ltd.) [File not signed] <==== ATTENTION S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc.) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [157456 2017-03-07] () S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH) S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-03-22] () R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2017-05-09] (REALiX(tm)) R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-05-09] (Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-05-09] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-05-09] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-09] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82720 2017-05-09] (Malwarebytes) S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited) R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd) R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] () S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X] S3 RSUSBVSTOR; System32\Drivers\RTSUVSTOR.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-05-09 19:23 - 2017-05-09 19:24 - 00022244 _____ C:\Users\paulinka\Desktop\FRST.txt 2017-05-09 19:21 - 2017-05-09 19:21 - 00000000 ____D C:\Users\paulinka\AppData\Roaming\HD Tune Pro 2017-05-09 19:20 - 2017-05-09 19:20 - 00001004 _____ C:\Users\paulinka\Desktop\HD Tune Pro.lnk 2017-05-09 19:20 - 2017-05-09 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro 2017-05-09 19:20 - 2017-05-09 19:20 - 00000000 ____D C:\Program Files (x86)\HD Tune Pro 2017-05-09 19:18 - 2017-05-09 19:18 - 02239373 _____ (EFD Software ) C:\Users\paulinka\Downloads\hdtunepro_560_trial.exe 2017-05-09 19:14 - 2017-05-09 19:15 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo 2017-05-09 19:14 - 2017-05-09 19:14 - 00001171 _____ C:\Users\paulinka\Desktop\CrystalDiskInfo.lnk 2017-05-09 19:14 - 2017-05-09 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2017-05-09 19:13 - 2017-05-09 19:13 - 03961080 _____ (Crystal Dew World ) C:\Users\paulinka\Downloads\CrystalDiskInfo7_0_5.exe 2017-05-09 19:11 - 2017-05-09 19:11 - 00035307 _____ C:\Users\paulinka\Desktop\Malwarebytes.txt 2017-05-09 19:06 - 2017-05-09 19:06 - 00027552 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS 2017-05-09 19:06 - 2017-05-09 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2017-05-09 19:06 - 2017-05-09 19:06 - 00000000 ____D C:\Program Files\HWiNFO64 2017-05-09 19:05 - 2017-05-09 19:06 - 03812072 _____ (Martin MalĂ­k - REALiX ) C:\Users\paulinka\Downloads\hw64_550.exe 2017-05-09 19:04 - 2017-05-09 19:04 - 00021198 _____ C:\Users\paulinka\Desktop\AdwCleaner[S0].txt 2017-05-09 18:57 - 2017-05-09 19:10 - 00000000 ____D C:\AdwCleaner 2017-05-09 18:53 - 2017-05-09 18:54 - 00082720 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-05-09 18:53 - 2017-05-09 18:53 - 04102600 _____ C:\Users\paulinka\Downloads\adwcleaner_6.046.exe 2017-05-09 18:53 - 2017-05-09 18:53 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-05-09 18:53 - 2017-05-09 18:53 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-05-09 18:53 - 2017-05-09 18:53 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-05-09 18:53 - 2017-05-09 18:53 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-05-09 18:53 - 2017-05-09 18:53 - 00001874 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-05-09 18:53 - 2017-05-09 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-05-09 18:52 - 2017-05-09 18:52 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-05-09 18:52 - 2017-05-09 18:52 - 00000000 ____D C:\Program Files\Malwarebytes 2017-05-09 18:52 - 2017-03-22 11:02 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-05-09 18:41 - 2017-05-09 18:41 - 60107896 _____ (Malwarebytes ) C:\Users\paulinka\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe 2017-05-09 17:26 - 2017-05-09 17:42 - 00000093 _____ C:\Users\paulinka\Desktop\info.txt 2017-05-09 17:26 - 2017-05-09 17:26 - 00000000 ____D C:\Windows\pss 2017-05-09 12:47 - 2017-05-09 12:47 - 00000000 _____ C:\Users\paulinka\Desktop\gmer.txt 2017-05-08 22:03 - 2017-05-08 22:03 - 00262144 _____ C:\Windows\Minidump\050817-19905-01.dmp 2017-05-08 21:10 - 2017-05-09 19:23 - 00000000 ____D C:\FRST 2017-05-08 21:09 - 2017-05-08 21:09 - 00380928 _____ C:\Users\paulinka\Desktop\oq7061iw.exe 2017-05-08 21:07 - 2017-05-08 21:07 - 02429440 _____ (Farbar) C:\Users\paulinka\Desktop\FRST64.exe 2017-05-03 12:06 - 2017-05-03 12:19 - 1096972828 _____ C:\Users\paulinka\Desktop\sd029d21c03670164977f65dd9959bdbb5532f84a446a082d120cfa8201b5573d0.mp4 2017-04-27 10:28 - 2017-04-27 10:28 - 00001895 _____ C:\Users\Public\Desktop\Battery Check Utility.lnk 2017-04-27 10:25 - 2017-04-27 10:25 - 12830704 _____ C:\Users\paulinka\Desktop\TCH0315700A.exe 2017-04-13 20:42 - 2017-04-17 18:03 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility 2017-04-13 20:42 - 2017-04-13 21:48 - 00003212 _____ C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK 2017-04-13 20:42 - 2017-04-13 20:42 - 00001131 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.7.2.lnk 2017-04-13 20:42 - 2017-04-13 20:42 - 00000000 ____D C:\Windows\System32\Tasks\Intel 2017-04-13 20:42 - 2017-04-13 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility 2017-04-13 20:41 - 2017-04-13 20:41 - 00000000 ____D C:\ProgramData\Intel 2017-04-13 20:41 - 2017-04-13 20:41 - 00000000 ____D C:\Program Files\Intel Driver Update Utility 2017-04-13 20:41 - 2017-04-13 20:41 - 00000000 ____D C:\Program Files\Intel 2017-04-13 20:41 - 2016-10-18 17:14 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys 2017-04-12 16:54 - 2017-03-27 19:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-04-12 16:54 - 2017-03-27 18:28 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-04-12 16:54 - 2017-03-25 20:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-04-12 16:54 - 2017-03-25 20:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-04-12 16:54 - 2017-03-25 20:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-04-12 16:54 - 2017-03-25 19:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-04-12 16:54 - 2017-03-25 19:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-04-12 16:54 - 2017-03-25 19:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-04-12 16:54 - 2017-03-25 19:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-04-12 16:54 - 2017-03-25 19:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-04-12 16:54 - 2017-03-25 19:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-04-12 16:54 - 2017-03-25 19:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-04-12 16:54 - 2017-03-25 19:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-04-12 16:54 - 2017-03-25 19:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-04-12 16:54 - 2017-03-25 19:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-04-12 16:54 - 2017-03-25 19:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-04-12 16:54 - 2017-03-25 19:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-04-12 16:54 - 2017-03-25 19:46 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-04-12 16:54 - 2017-03-25 19:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-04-12 16:54 - 2017-03-25 19:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-04-12 16:54 - 2017-03-25 19:45 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-04-12 16:54 - 2017-03-25 19:45 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-04-12 16:54 - 2017-03-25 19:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-04-12 16:54 - 2017-03-25 19:45 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-04-12 16:54 - 2017-03-25 19:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-04-12 16:54 - 2017-03-25 19:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-04-12 16:54 - 2017-03-25 19:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-04-12 16:54 - 2017-03-25 19:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-04-12 16:54 - 2017-03-25 19:44 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-04-12 16:54 - 2017-03-25 19:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-04-12 16:54 - 2017-03-25 19:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-04-12 16:54 - 2017-03-25 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-04-12 16:54 - 2017-03-25 19:14 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-04-12 16:54 - 2017-03-25 19:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-04-12 16:54 - 2017-03-25 19:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-04-12 16:54 - 2017-03-25 19:13 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-04-12 16:54 - 2017-03-25 19:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-04-12 16:54 - 2017-03-25 19:04 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-04-12 16:54 - 2017-03-25 19:02 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-04-12 16:54 - 2017-03-25 18:57 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-04-12 16:54 - 2017-03-25 18:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-04-12 16:54 - 2017-03-25 18:56 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-04-12 16:54 - 2017-03-25 18:56 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-04-12 16:54 - 2017-03-25 18:56 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-04-12 16:54 - 2017-03-25 18:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-04-12 16:54 - 2017-03-25 18:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-04-12 16:54 - 2017-03-25 18:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-04-12 16:54 - 2017-03-25 18:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-04-12 16:54 - 2017-03-25 18:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-04-12 16:54 - 2017-03-25 18:29 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-04-12 16:54 - 2017-03-25 18:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-04-12 16:54 - 2017-03-25 18:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-04-12 16:54 - 2017-03-25 18:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-04-12 16:54 - 2017-03-25 18:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-04-12 16:54 - 2017-03-25 18:17 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-04-12 16:54 - 2017-03-25 18:06 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-04-12 16:54 - 2017-03-25 18:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-04-12 16:54 - 2017-03-25 18:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-04-12 16:54 - 2017-03-25 17:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-04-12 16:54 - 2017-03-25 17:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-04-12 16:54 - 2017-03-25 17:57 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-04-12 16:54 - 2017-03-25 17:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-04-12 16:54 - 2017-03-25 17:27 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-04-12 16:54 - 2017-03-25 17:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-04-12 16:54 - 2017-03-25 17:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-04-12 16:54 - 2017-03-25 17:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-04-12 16:54 - 2017-03-24 23:50 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-04-12 16:54 - 2017-03-24 23:42 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-04-12 16:54 - 2017-03-22 16:32 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2017-04-12 16:54 - 2017-03-22 16:32 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2017-04-12 16:54 - 2017-03-22 16:32 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2017-04-12 16:54 - 2017-03-22 16:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2017-04-12 16:54 - 2017-03-22 16:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2017-04-12 16:54 - 2017-03-22 16:17 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2017-04-12 16:54 - 2017-03-22 16:15 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2017-04-12 16:54 - 2017-03-22 16:15 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2017-04-12 16:54 - 2017-03-22 16:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2017-04-12 16:54 - 2017-03-22 16:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2017-04-12 16:54 - 2017-03-22 16:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2017-04-12 16:54 - 2017-03-22 16:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2017-04-12 16:54 - 2017-03-22 16:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-04-12 16:54 - 2017-03-22 16:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2017-04-12 16:54 - 2017-03-22 16:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2017-04-12 16:54 - 2017-03-22 16:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2017-04-12 16:54 - 2017-03-14 16:34 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-04-12 16:54 - 2017-03-14 16:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-04-12 16:54 - 2017-03-14 16:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2017-04-12 16:54 - 2017-03-10 17:35 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2017-04-12 16:54 - 2017-03-10 17:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2017-04-12 16:54 - 2017-03-10 17:31 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2017-04-12 16:54 - 2017-03-10 17:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2017-04-12 16:54 - 2017-03-10 17:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2017-04-12 16:54 - 2017-03-10 17:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-04-12 16:54 - 2017-03-10 17:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2017-04-12 16:54 - 2017-03-10 17:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2017-04-12 16:54 - 2017-03-10 17:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2017-04-12 16:54 - 2017-03-10 17:00 - 03219968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-04-12 16:54 - 2017-03-10 16:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2017-04-12 16:54 - 2017-03-08 21:20 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2017-04-12 16:54 - 2017-03-08 21:10 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2017-04-12 16:54 - 2017-03-08 05:37 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-04-12 16:54 - 2017-03-08 05:36 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-04-12 16:54 - 2017-03-08 05:36 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-04-12 16:54 - 2017-03-08 05:36 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-04-12 16:54 - 2017-03-08 05:36 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-04-12 16:54 - 2017-03-08 05:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:26 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2017-04-12 16:54 - 2017-03-08 05:26 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2017-04-12 16:54 - 2017-03-08 05:24 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-04-12 16:54 - 2017-03-08 05:22 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 05:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2017-04-12 16:54 - 2017-03-08 05:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-04-12 16:54 - 2017-03-08 05:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2017-04-12 16:54 - 2017-03-08 05:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2017-04-12 16:54 - 2017-03-08 05:00 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2017-04-12 16:54 - 2017-03-08 04:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2017-04-12 16:54 - 2017-03-08 04:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-04-12 16:54 - 2017-03-08 04:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-04-12 16:54 - 2017-03-08 04:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-04-12 16:54 - 2017-03-08 04:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-04-12 16:54 - 2017-03-08 04:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2017-04-12 16:54 - 2017-03-08 04:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-04-12 16:54 - 2017-03-08 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2017-04-12 16:54 - 2017-03-08 04:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2017-04-12 16:54 - 2017-03-08 04:54 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2017-04-12 16:54 - 2017-03-08 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2017-04-12 16:54 - 2017-03-08 04:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-04-12 16:54 - 2017-03-08 04:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 04:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 04:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2017-04-12 16:54 - 2017-03-08 04:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2017-04-12 16:54 - 2017-03-07 17:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2017-04-12 16:54 - 2017-03-07 17:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2017-04-12 16:54 - 2017-03-07 15:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2017-04-12 16:54 - 2017-03-04 02:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-04-12 16:54 - 2017-03-04 02:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll 2017-04-12 16:54 - 2017-03-04 02:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-04-12 16:54 - 2017-03-04 02:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2017-04-12 16:54 - 2017-02-14 17:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2017-04-12 16:54 - 2017-02-14 17:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2017-04-12 16:54 - 2017-02-11 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2017-04-12 16:54 - 2017-02-11 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2017-04-12 16:54 - 2017-02-09 17:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2017-04-12 16:54 - 2017-02-09 17:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2017-04-12 16:54 - 2017-02-09 17:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2017-04-12 16:54 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2017-04-12 16:54 - 2016-03-23 23:40 - 03181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2017-04-12 16:54 - 2016-03-23 23:40 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-05-09 18:51 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-05-09 18:51 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-05-09 14:05 - 2011-12-11 19:59 - 00000000 ____D C:\Users\paulinka\AppData\Roaming\ipla 2017-05-09 14:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-09 12:47 - 2012-12-02 21:39 - 00541970 _____ C:\Windows\ntbtlog.txt 2017-05-08 22:03 - 2013-03-24 20:07 - 706891425 _____ C:\Windows\MEMORY.DMP 2017-05-08 22:03 - 2013-03-24 20:07 - 00000000 ____D C:\Windows\Minidump 2017-05-08 18:42 - 2011-12-05 19:43 - 00000000 ____D C:\Users\paulinka 2017-05-08 18:37 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-05-01 19:23 - 2009-07-14 06:13 - 00783464 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-01 19:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2017-05-01 00:58 - 2017-03-05 18:23 - 00000000 ____D C:\ProgramData\ipla 2017-04-27 10:28 - 2011-08-03 10:42 - 00000000 ____D C:\Program Files\TOSHIBA 2017-04-27 10:28 - 2011-08-03 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA 2017-04-27 10:28 - 2011-08-03 10:39 - 00000000 ____D C:\Program Files (x86)\TOSHIBA 2017-04-27 10:27 - 2011-09-10 00:11 - 00000000 ____D C:\ProgramData\TOSHIBA 2017-04-24 10:34 - 2016-10-04 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2017-04-24 10:34 - 2016-10-04 11:21 - 00000000 ____D C:\Program Files (x86)\HP 2017-04-24 10:28 - 2011-08-03 11:01 - 00000000 ____D C:\Program Files\Google 2017-04-24 10:28 - 2011-08-03 11:00 - 00000000 ____D C:\Program Files (x86)\Google 2017-04-24 10:18 - 2011-12-05 20:58 - 00000000 ____D C:\Users\paulinka\AppData\Local\Google 2017-04-24 10:18 - 2011-08-03 11:00 - 00000000 ____D C:\ProgramData\Google 2017-04-17 18:12 - 2011-12-19 16:15 - 00000000 ____D C:\Users\paulinka\AppData\Local\ElevatedDiagnostics 2017-04-17 16:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2017-04-13 21:09 - 2009-07-14 05:45 - 00273576 _____ C:\Windows\system32\FNTCACHE.DAT 2017-04-13 20:51 - 2015-02-24 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-04-13 20:49 - 2015-02-24 18:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-04-13 20:49 - 2015-02-24 18:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-04-13 20:49 - 2014-06-06 18:23 - 00000000 ____D C:\Windows\system32\MRT 2017-04-13 20:43 - 2014-06-07 12:00 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-04-13 20:41 - 2015-09-30 16:41 - 00000000 ____D C:\ProgramData\Package Cache 2017-04-13 20:35 - 2011-12-27 17:19 - 00767774 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-04-12 16:23 - 2016-04-26 21:08 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-04-12 16:22 - 2016-04-26 21:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Files in the root of some directories ======= 2016-12-18 20:11 - 2016-12-18 20:11 - 7680000 _____ () C:\Program Files (x86)\GUTAF05.tmp 2014-06-06 19:23 - 2015-03-13 21:35 - 27093992 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe 2012-06-26 19:22 - 2012-07-10 22:15 - 0000000 ____H () C:\Users\paulinka\AppData\Roaming\msnsvconfig.txt 2011-12-11 21:12 - 2012-09-25 19:25 - 0000308 _____ () C:\Users\paulinka\AppData\Roaming\Rim.Desktop.Exception.log 2011-12-11 21:11 - 2014-02-01 23:06 - 0004229 _____ () C:\Users\paulinka\AppData\Roaming\Rim.Desktop.HttpServerSetup.log 2011-12-11 21:12 - 2012-09-25 19:25 - 0000308 _____ () C:\Users\paulinka\AppData\Roaming\Rim.DesktopHelper.Exception.log 2012-09-25 19:22 - 2012-09-25 19:25 - 0000154 _____ () C:\Users\paulinka\AppData\Roaming\Rim.Transcoder.Exception.log 2013-09-23 14:59 - 2014-01-25 07:32 - 0000135 _____ () C:\Users\paulinka\AppData\Roaming\WB.CFG 2013-02-06 19:23 - 2013-02-08 21:06 - 0000002 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\chipset.dat 2013-02-06 19:22 - 2013-02-06 19:22 - 0000001 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\connectf1_.dat 2013-02-06 19:23 - 2013-02-08 21:07 - 0000038 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\Default.dat 2013-02-06 19:23 - 2013-02-06 19:23 - 0000001 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\DirectX.dat 2013-02-08 09:55 - 2013-02-08 09:55 - 0000001 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\Done.dat 2013-02-06 19:23 - 2013-02-08 09:55 - 0000002 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\etc.dat 2013-02-06 19:23 - 2013-02-06 19:23 - 0000001 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\Res2.dat 2013-02-06 19:22 - 2013-02-06 19:22 - 0000226 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\Setup.dat 2013-02-06 19:23 - 2013-02-06 19:23 - 0000001 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\snd.dat 2013-02-06 19:23 - 2013-02-08 09:55 - 0000002 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\System.dat 2013-02-06 19:23 - 2013-02-06 19:23 - 0000001 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\waiter.dat 2013-02-06 19:23 - 2013-02-06 19:23 - 0000001 _____ () C:\Users\paulinka\AppData\Roaming\Microsoft\Windows.dat 2015-03-09 14:11 - 2015-03-09 14:11 - 0007605 _____ () C:\Users\paulinka\AppData\Local\Resmon.ResmonCfg 2012-07-10 22:51 - 2012-07-10 22:51 - 0017408 _____ () C:\Users\paulinka\AppData\Local\WebpageIcons.db 2016-10-04 11:20 - 2016-10-04 11:20 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-01-26 21:34 - 2012-01-26 21:34 - 0000252 _____ () C:\ProgramData\FastPics.log 2012-06-25 22:13 - 2012-06-26 01:07 - 0000309 _____ () C:\ProgramData\lxdnDiagnostics.log 2012-06-25 22:12 - 2012-06-25 22:12 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt Files to move or delete: ==================== C:\Program Files\Hola\app\hola.exe Some files in TEMP: ==================== 2016-07-29 21:16 - 2016-07-29 21:16 - 2856112 _____ (Hola Networks Ltd.) C:\Users\paulinka\AppData\Local\Temp\Hola-Setup-x64-1.15.82.exe 2016-08-31 18:32 - 2016-08-31 18:32 - 40360648 _____ () C:\Users\paulinka\AppData\Local\Temp\ipl270F.tmp.exe 2015-12-05 15:22 - 2015-12-05 15:22 - 40475872 _____ () C:\Users\paulinka\AppData\Local\Temp\ipl3AF7.tmp.exe 2017-03-03 13:05 - 2017-03-03 13:05 - 40360648 _____ () C:\Users\paulinka\AppData\Local\Temp\iplD856.tmp.exe 2015-11-24 17:27 - 2015-11-24 17:27 - 40474264 _____ () C:\Users\paulinka\AppData\Local\Temp\iplE332.tmp.exe 2017-04-17 18:03 - 2010-12-14 14:24 - 1577088 _____ (Conexant Systems, Inc.) C:\Users\paulinka\AppData\Local\Temp\KUIU.EXE 2015-08-14 16:28 - 2016-04-16 19:25 - 42743936 _____ (Skype Technologies S.A.) C:\Users\paulinka\AppData\Local\Temp\SkypeSetup.exe 2015-08-16 18:34 - 2013-08-28 14:22 - 0340464 _____ (Babylon Ltd.) C:\Users\paulinka\AppData\Local\Temp\uninst1.exe 2017-03-18 19:48 - 2017-03-18 19:49 - 30533688 _____ () C:\Users\paulinka\AppData\Local\Temp\vlc-2.2.4-win32.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-04-27 17:39 ==================== End of FRST.txt ============================