Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016 Ran by Pat (administrator) on AT (20-01-2016 19:02:17) Running from C:\Users\Pat\Downloads Loaded Profiles: Pat (Available Profiles: Pat) Platform: Windows 10 Home Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (HP) C:\Windows\System32\HPSIsvc.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (© 2015 Microsoft Corporation) C:\Users\Pat\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Apple Inc.) C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe (Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\AASearchCompanion.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2015-08-27] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-08-27] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated) HKLM\...\Run: [] => [X] HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe [9574112 2015-12-09] () HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM-x32\...\Run: [BrowserAppCoreService] => C:\Users\Pat\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\ShopAtHome_BAC_Service.exe [49152 2013-08-26] (ShopAtHome.com) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3780008 2015-10-30] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2814864 2015-12-17] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1242277392-240876926-1791514536-1002\...\Run: [Google Update] => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.) HKU\S-1-5-21-1242277392-240876926-1791514536-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1720584 2015-02-08] (CyberLink Corp.) HKU\S-1-5-21-1242277392-240876926-1791514536-1002\...\Run: [BingSvc] => C:\Users\Pat\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-18] (© 2015 Microsoft Corporation) HKU\S-1-5-21-1242277392-240876926-1791514536-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-1242277392-240876926-1791514536-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1447696 2016-01-18] (Lavasoft) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64\FileSyncShell64.dll [2015-12-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64\FileSyncShell64.dll [2015-12-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64\FileSyncShell64.dll [2015-12-25] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll [2015-12-25] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll [2015-12-25] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll [2015-12-25] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-21] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2016-01-18] (Lavasoft Limited) Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2016-01-18] (Lavasoft Limited) Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2016-01-18] (Lavasoft Limited) Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2016-01-18] (Lavasoft Limited) Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2016-01-18] (Lavasoft Limited) Winsock: Catalog9-x64 01 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-01-18] (Lavasoft Limited) Winsock: Catalog9-x64 02 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-01-18] (Lavasoft Limited) Winsock: Catalog9-x64 03 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-01-18] (Lavasoft Limited) Winsock: Catalog9-x64 04 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-01-18] (Lavasoft Limited) Winsock: Catalog9-x64 16 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-01-18] (Lavasoft Limited) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25 Tcpip\..\Interfaces\{5b8b1c12-4a02-435c-b241-4e7e18624bf0}: [NameServer] 199.203.131.145,82.163.143.167 Tcpip\..\Interfaces\{5b8b1c12-4a02-435c-b241-4e7e18624bf0}: [DhcpNameServer] 192.168.0.1 205.171.2.25 Tcpip\..\Interfaces\{6b8c3852-60ad-4fa2-8232-f6b163c0ea7f}: [NameServer] 199.203.131.145,82.163.143.167 Tcpip\..\Interfaces\{6b8c3852-60ad-4fa2-8232-f6b163c0ea7f}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1 HKU\S-1-5-21-1242277392-240876926-1791514536-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D011916-A0138A8547457478FA6F&form=CONMHP&conlogo=CT3331967 HKU\S-1-5-21-1242277392-240876926-1791514536-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1 HKU\S-1-5-21-1242277392-240876926-1791514536-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPNOT13/1 SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM -> {E282DCD1-0B0F-4E80-A06D-FDF2745541B2} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> {E282DCD1-0B0F-4E80-A06D-FDF2745541B2} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-1242277392-240876926-1791514536-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D011916-A0138A8547457478FA6F&form=CONBDF&conlogo=CT3331967&q={searchTerms} SearchScopes: HKU\S-1-5-21-1242277392-240876926-1791514536-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D011916-A0138A8547457478FA6F&form=CONBDF&conlogo=CT3331967&q={searchTerms} SearchScopes: HKU\S-1-5-21-1242277392-240876926-1791514536-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={64A03EB5-A4AD-4D77-B592-F2BA43270172}&mid=13601538d22947cd9d7b719a87b8d2c5-e0b04eeee112b39570aaf3a21f7f9b7ec731fc9a&lang=en&ds=AVG&coid=avgtbavg&cmpid=0415av&pr=fr&d=2015-05-22 13:04:59&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1242277392-240876926-1791514536-1002 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?FORM=SL5KDF&PC=SL5K&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1242277392-240876926-1791514536-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\S-1-5-21-1242277392-240876926-1791514536-1002 -> {E282DCD1-0B0F-4E80-A06D-FDF2745541B2} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.4.155\AVG Web TuneUp.dll [2015-12-17] (AVG) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-08] (Oracle Corporation) BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.4.155\AVG Web TuneUp.dll [2015-12-17] (AVG) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-08] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company) BHO-x32: TBSB07898 Class -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -> C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll => No File Toolbar: HKLM-x32 - Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll No File Toolbar: HKU\S-1-5-21-1242277392-240876926-1791514536-1002 -> No Name - {41564952-412D-5637-4300-7A786E7484D7} - No File Toolbar: HKU\S-1-5-21-1242277392-240876926-1791514536-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-1242277392-240876926-1791514536-1002 -> No Name - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - No File FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.4\\npsitesafety.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-08] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-08] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1242277392-240876926-1791514536-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Pat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-1242277392-240876926-1791514536-1002: @talk.google.com/O1DPlugin -> C:\Users\Pat\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-1242277392-240876926-1791514536-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin HKU\S-1-5-21-1242277392-240876926-1791514536-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Pat\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin HKU\S-1-5-21-1242277392-240876926-1791514536-1002: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Pat\AppData\Roaming\CATALI~1\NPBCSK~1.DLL [2013-06-07] (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\Pat\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Pat\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [not signed] Chrome: ======= CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us CHR StartupUrls: Default -> "hxxp://www.google.com/ig" CHR Profile: C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27] CHR Extension: (Remove Redirects for Google™) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccenmflbeofaceccfhhggbagkblihpoh [2014-05-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (Google Search) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Remove Google Redirection) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhjklgpiifbofihffldllbcopkinlod [2015-12-25] CHR Extension: (Bing) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-11-18] CHR Extension: (Google Docs Offline) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18] CHR Extension: (AdBlock) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-19] CHR Extension: (Yahoo Web) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol [2015-11-18] CHR Extension: (MapsGalaxy) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmamepkgcchbpdibjdohccjpgmnphhfl [2014-11-23] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (Chrome Web Store Payments) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-17] CHR Extension: (Gmail) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR HKU\S-1-5-21-1242277392-240876926-1791514536-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3642280 2015-10-30] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-10-30] (AVG Technologies CZ, s.r.o.) R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [1414128 2015-05-18] (Coupons.com Inc.) R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe [712432 2015-12-09] () R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2016-01-18] (Lavasoft Limited) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-08-27] (Realtek Semiconductor) S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17168 2016-01-18] () R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated) R2 vToolbarUpdater40.2.4; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [1923984 2015-12-17] (AVG Secure Search) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-17] () ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-10-19] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-25] (Marvell Semiconductor, Inc.) [File not signed] R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-09-17] (Realtek Semiconductor Corporation ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-05] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31984 2013-02-05] (Synaptics Incorporated) S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-20 19:02 - 2016-01-20 19:04 - 00029730 _____ C:\Users\Pat\Downloads\FRST.txt 2016-01-20 19:02 - 2016-01-20 19:02 - 00000000 ____D C:\FRST 2016-01-20 19:01 - 2016-01-20 19:01 - 02370560 _____ (Farbar) C:\Users\Pat\Downloads\FRST64.exe 2016-01-20 15:51 - 2016-01-20 15:51 - 00000000 ____D C:\Users\Pat\Desktop\photo_1 2016-01-20 15:18 - 2016-01-20 16:31 - 08388608 _____ C:\Users\Pat\Downloads\vlc-setup-win10.vhdx 2016-01-20 15:14 - 2016-01-20 15:14 - 00000000 ____D C:\Users\Pat\AppData\Local\Windows Live 2016-01-19 11:54 - 2016-01-19 11:54 - 00066359 _____ C:\Users\Pat\Downloads\ArchitecturalRequestReceiptLetter (3).pdf 2016-01-19 11:54 - 2016-01-19 11:54 - 00066359 _____ C:\Users\Pat\Downloads\ArchitecturalRequestReceiptLetter (2).pdf 2016-01-18 22:18 - 2016-01-18 22:18 - 00001172 _____ C:\Users\Public\Desktop\Lavasoft AdAwareBrowser.lnk 2016-01-18 22:18 - 2016-01-18 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft AdAwareBrowser 2016-01-18 22:17 - 2016-01-18 22:17 - 00000000 ____D C:\Users\Pat\AppData\Local\mozilla 2016-01-18 22:16 - 2016-01-18 22:17 - 00000000 ____D C:\Program Files (x86)\Lavasoft AdAwareBrowser 2016-01-18 22:13 - 2016-01-18 22:13 - 00000397 _____ C:\Prefs.js 2016-01-18 22:13 - 2016-01-18 22:13 - 00000000 ____D C:\Users\Pat\AppData\Roaming\LavasoftStatistics 2016-01-18 22:12 - 2016-01-19 13:22 - 00002904 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini 2016-01-18 22:12 - 2016-01-19 13:22 - 00002904 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini 2016-01-18 22:12 - 2016-01-18 22:42 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Lavasoft 2016-01-18 22:12 - 2016-01-18 22:13 - 00000000 ____D C:\Users\Pat\AppData\Local\Lavasoft 2016-01-18 22:12 - 2016-01-18 22:13 - 00000000 ____D C:\searchplugins 2016-01-18 22:12 - 2016-01-18 22:11 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll 2016-01-18 22:11 - 2016-01-19 18:12 - 00002409 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk 2016-01-18 22:11 - 2016-01-18 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2016-01-18 22:11 - 2016-01-18 22:11 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll 2016-01-18 22:11 - 2016-01-18 22:11 - 00000000 ____D C:\Program Files (x86)\Lavasoft 2016-01-18 22:10 - 2016-01-18 22:10 - 00000000 ____D C:\Program Files\Lavasoft 2016-01-18 22:08 - 2016-01-18 22:08 - 00000000 ____D C:\Program Files\Common Files\Lavasoft 2016-01-18 22:07 - 2016-01-18 22:11 - 00000000 ____D C:\ProgramData\Lavasoft 2016-01-18 22:07 - 2016-01-18 22:07 - 02012464 _____ C:\Users\Pat\Downloads\Adaware_Installer.exe 2016-01-18 20:27 - 2016-01-18 20:27 - 00022035 _____ C:\Users\Pat\Downloads\SR1 Architectural Request Form (1).pdf 2016-01-15 10:22 - 2016-01-15 10:22 - 00067049 _____ C:\Users\Pat\Downloads\ArchitecturalRequestReceiptLetter (1).pdf 2016-01-13 08:43 - 2016-01-04 19:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-13 08:43 - 2016-01-04 19:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-13 08:43 - 2016-01-04 19:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-13 08:43 - 2016-01-04 19:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2016-01-13 08:43 - 2016-01-04 19:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2016-01-13 08:43 - 2016-01-04 19:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-13 08:43 - 2016-01-04 19:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-13 08:43 - 2016-01-04 19:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-13 08:43 - 2016-01-04 19:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-13 08:43 - 2016-01-04 19:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-13 08:43 - 2016-01-04 19:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-13 08:43 - 2016-01-04 19:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-01-13 08:43 - 2016-01-04 19:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-13 08:43 - 2016-01-04 19:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-13 08:43 - 2016-01-04 19:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-13 08:43 - 2016-01-04 19:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-13 08:43 - 2016-01-04 19:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-01-13 08:43 - 2016-01-04 19:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-13 08:43 - 2016-01-04 19:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-13 08:43 - 2016-01-04 19:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-13 08:43 - 2016-01-04 18:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-01-13 08:43 - 2016-01-04 18:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-13 08:43 - 2016-01-04 18:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-13 08:43 - 2016-01-04 18:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-13 08:43 - 2016-01-04 18:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 08:43 - 2016-01-04 18:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 08:43 - 2016-01-04 18:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-01-13 08:43 - 2016-01-04 18:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-01-13 08:43 - 2016-01-04 18:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-01-13 08:43 - 2016-01-04 18:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-13 08:43 - 2016-01-04 18:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-01-13 08:43 - 2016-01-04 18:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 08:43 - 2016-01-04 18:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-13 08:43 - 2016-01-04 18:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-01-13 08:43 - 2016-01-04 18:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-01-13 08:43 - 2016-01-04 18:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-01-13 08:43 - 2016-01-04 18:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-01-13 08:43 - 2016-01-04 18:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-01-13 08:43 - 2016-01-04 18:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-01-13 08:42 - 2016-01-04 19:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-01-13 08:42 - 2016-01-04 19:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-01-13 08:42 - 2016-01-04 19:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-13 08:42 - 2016-01-04 19:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-13 08:42 - 2016-01-04 19:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-13 08:42 - 2016-01-04 19:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2016-01-13 08:42 - 2016-01-04 19:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-13 08:42 - 2016-01-04 19:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-13 08:42 - 2016-01-04 19:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2016-01-13 08:42 - 2016-01-04 19:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-13 08:42 - 2016-01-04 19:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2016-01-13 08:42 - 2016-01-04 19:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-13 08:42 - 2016-01-04 19:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-13 08:42 - 2016-01-04 19:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-13 08:42 - 2016-01-04 19:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-13 08:42 - 2016-01-04 18:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll 2016-01-13 08:42 - 2016-01-04 18:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll 2016-01-13 08:42 - 2016-01-04 18:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-01-13 08:42 - 2016-01-04 18:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-01-13 08:42 - 2016-01-04 18:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx 2016-01-13 08:42 - 2016-01-04 18:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-13 08:42 - 2016-01-04 18:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2016-01-13 08:42 - 2016-01-04 18:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-01-13 08:42 - 2016-01-04 18:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-01-13 08:42 - 2016-01-04 18:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-01-13 08:42 - 2016-01-04 18:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-01-13 08:42 - 2016-01-04 18:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 08:42 - 2016-01-04 18:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-01-13 08:42 - 2016-01-04 18:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2016-01-13 08:42 - 2016-01-04 18:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll 2016-01-13 08:42 - 2016-01-04 18:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll 2016-01-13 08:42 - 2016-01-04 18:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-01-13 08:42 - 2016-01-04 18:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 08:42 - 2016-01-04 18:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 08:42 - 2016-01-04 18:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-13 08:42 - 2016-01-04 18:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx 2016-01-13 08:42 - 2016-01-04 18:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 08:42 - 2016-01-04 18:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-01-13 08:42 - 2016-01-04 18:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-01-13 08:42 - 2016-01-04 18:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 08:42 - 2016-01-04 18:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-01-13 08:42 - 2016-01-04 18:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll 2016-01-13 08:42 - 2016-01-04 18:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-01-13 08:42 - 2016-01-04 18:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 08:42 - 2016-01-04 18:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 08:42 - 2016-01-04 18:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 08:42 - 2016-01-04 18:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-13 08:42 - 2016-01-04 18:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-08 12:04 - 2016-01-08 12:04 - 00067049 _____ C:\Users\Pat\Downloads\ArchitecturalRequestReceiptLetter.pdf 2016-01-04 16:57 - 2016-01-04 16:57 - 00022035 _____ C:\Users\Pat\Downloads\SR1 Architectural Request Form.pdf 2016-01-01 09:38 - 2016-01-01 09:38 - 01234848 _____ (Apple Inc.) C:\Users\Pat\Downloads\QuickTimePlayer.exe 2015-12-28 13:57 - 2015-12-28 13:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-12-26 19:49 - 2015-12-27 09:42 - 00014438 _____ C:\Users\Pat\Documents\RS Schedule.odt 2015-12-25 23:15 - 2015-12-25 23:15 - 00002307 _____ C:\Users\Pat\Desktop\HP Support Assistant.lnk 2015-12-25 09:01 - 2015-12-25 09:01 - 00000000 ____D C:\Users\Pat\AppData\Local\ActiveSync 2015-12-25 08:59 - 2015-12-25 08:59 - 00000020 ___SH C:\Users\Pat\ntuser.ini 2015-12-25 04:18 - 2015-12-25 09:02 - 00000000 ___DC C:\WINDOWS\Panther 2015-12-25 04:12 - 2015-12-25 04:13 - 00000000 ____D C:\Windows.old 2015-12-25 04:11 - 2015-12-25 04:11 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2015-12-25 04:11 - 2015-12-25 04:11 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2015-12-25 04:11 - 2015-12-25 04:11 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-12-25 04:11 - 2015-12-25 04:11 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-12-25 04:11 - 2015-12-25 04:11 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL 2015-12-25 04:11 - 2015-12-25 04:11 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2015-12-25 04:11 - 2015-12-25 04:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2015-12-25 04:11 - 2015-12-25 04:11 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2015-12-25 04:11 - 2015-12-25 04:11 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys 2015-12-25 04:11 - 2015-12-25 04:11 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe 2015-12-25 04:11 - 2015-12-25 04:11 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll 2015-12-25 04:11 - 2015-12-25 04:11 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2015-12-25 04:07 - 2015-12-25 04:07 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-12-25 04:04 - 2015-12-25 04:04 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-12-25 04:04 - 2015-12-25 04:04 - 00000000 ____D C:\Program Files\MSBuild 2015-12-25 04:04 - 2015-12-25 04:04 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-12-25 04:04 - 2015-12-25 04:04 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-12-25 04:04 - 2015-12-25 04:04 - 00000000 ____D C:\inetpub 2015-12-25 04:03 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-12-25 04:03 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-12-25 04:03 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-12-25 04:03 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-12-25 04:03 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-12-25 04:03 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-12-25 03:59 - 2015-12-25 03:59 - 00000000 _SHDL C:\Users\Default\My Documents 2015-12-25 03:59 - 2015-12-25 03:59 - 00000000 _SHDL C:\Users\Default\Documents\My Videos 2015-12-25 03:59 - 2015-12-25 03:59 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures 2015-12-25 03:59 - 2015-12-25 03:59 - 00000000 _SHDL C:\Users\Default\Documents\My Music 2015-12-25 03:59 - 2015-12-25 03:59 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos 2015-12-25 03:59 - 2015-12-25 03:59 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures 2015-12-25 03:59 - 2015-12-25 03:59 - 00000000 _SHDL C:\Users\Default User\Documents\My Music 2015-12-25 03:47 - 2016-01-19 18:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-25 03:38 - 2015-12-25 03:38 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata 2015-12-25 03:38 - 2015-12-25 03:38 - 00000000 ____D C:\Users\Default\Documents\hp.applications.package.appdata 2015-12-25 03:38 - 2015-12-25 03:38 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software 2015-12-25 03:38 - 2015-12-25 03:38 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata 2015-12-25 03:38 - 2015-12-25 03:38 - 00000000 ____D C:\Users\Default User\Documents\hp.applications.package.appdata 2015-12-25 03:38 - 2015-12-25 03:38 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software 2015-12-25 03:37 - 2015-12-25 03:37 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-12-25 03:30 - 2015-12-25 03:40 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2015-12-25 03:28 - 2016-01-20 15:20 - 00972104 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-25 03:28 - 2016-01-19 18:11 - 00000000 ____D C:\Users\Pat 2015-12-25 03:28 - 2015-12-25 03:28 - 00000000 _SHDL C:\Users\Pat\My Documents 2015-12-25 03:28 - 2015-12-25 03:28 - 00000000 _SHDL C:\Users\Pat\Documents\My Videos 2015-12-25 03:28 - 2015-12-25 03:28 - 00000000 _SHDL C:\Users\Pat\Documents\My Pictures 2015-12-25 03:28 - 2015-12-25 03:28 - 00000000 _SHDL C:\Users\Pat\Documents\My Music 2015-12-25 03:27 - 2015-12-25 03:27 - 00929278 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2015-12-25 03:25 - 2015-12-25 03:25 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2015-12-25 03:25 - 2015-12-25 03:25 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2015-12-25 03:25 - 2015-12-25 03:25 - 00000000 ____D C:\Program Files\Synaptics 2015-12-25 03:24 - 2015-12-25 03:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos 2015-12-25 03:24 - 2015-12-25 03:31 - 00000000 ____D C:\Program Files\AMD 2015-12-25 03:24 - 2015-12-25 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-12-25 03:24 - 2015-12-25 03:24 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2015-12-25 03:24 - 2015-12-25 03:24 - 00000000 ____D C:\Program Files\Realtek 2015-12-25 03:24 - 2015-12-25 03:24 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2015-12-25 03:24 - 2015-12-25 03:24 - 00000000 _____ C:\WINDOWS\ativpsrm.bin 2015-12-25 03:22 - 2015-10-30 00:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-12-25 03:19 - 2015-12-25 23:46 - 00240888 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-23 08:57 - 2015-12-23 08:57 - 00133698 _____ C:\Users\Pat\Downloads\JANUARY 2016.pdf 2015-12-22 17:12 - 2015-12-22 17:12 - 00046381 _____ C:\Users\Pat\Downloads\AutoIDCard (2).pdf 2015-12-22 16:40 - 2015-12-22 16:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pat\Downloads\HijackThis (2).exe 2015-12-21 12:36 - 2015-12-21 12:36 - 00000000 _____ C:\Recovery.txt 2015-12-21 12:34 - 2015-12-21 12:36 - 00000000 ___HD C:\$SysReset 2015-12-21 11:58 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2015-12-21 11:56 - 2015-12-21 11:56 - 00001467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-12-21 11:56 - 2015-12-21 11:56 - 00001455 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2015-12-21 11:56 - 2015-12-21 11:56 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2015-12-21 11:55 - 2015-12-25 03:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-12-21 11:55 - 2015-12-21 13:00 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2015-12-21 11:55 - 2015-12-21 11:58 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-12-21 11:55 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe 2015-12-21 11:42 - 2015-12-21 11:43 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Pat\Downloads\spybot-2.4 (1).exe 2015-12-21 11:05 - 2015-12-25 03:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-20 19:02 - 2015-10-29 23:28 - 00000000 ____D C:\Windows 2016-01-20 18:29 - 2014-06-03 20:35 - 00000906 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1242277392-240876926-1791514536-1002UA.job 2016-01-20 18:23 - 2014-06-03 21:18 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-20 15:20 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF 2016-01-20 14:51 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-20 14:51 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-20 14:46 - 2015-04-05 22:07 - 00000000 ____D C:\ProgramData\MFAData 2016-01-20 14:45 - 2014-10-27 19:38 - 00004136 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8F06A807-8AF9-4AEC-866D-9B7CDA4A2EAD} 2016-01-19 18:16 - 2013-12-30 22:35 - 00000000 ____D C:\Users\Pat\Documents\Youcam 2016-01-19 18:12 - 2014-06-03 21:18 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-19 18:08 - 2014-01-17 10:52 - 00000000 ____D C:\Users\Pat\AppData\Local\ElevatedDiagnostics 2016-01-19 17:52 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-01-19 17:52 - 2015-08-26 21:50 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2016-01-19 16:32 - 2015-10-29 23:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-01-18 22:17 - 2015-12-16 10:39 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Mozilla 2016-01-15 14:37 - 2015-11-18 13:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-01-15 14:37 - 2015-11-18 13:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-01-15 14:29 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-14 20:42 - 2015-11-18 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-01-13 20:30 - 2015-04-14 16:54 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-01-13 20:30 - 2015-04-14 16:53 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-13 20:28 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-13 20:25 - 2013-12-29 17:58 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-13 20:15 - 2013-12-29 17:58 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-08 09:29 - 2014-06-03 20:35 - 00000854 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1242277392-240876926-1791514536-1002Core.job 2016-01-02 18:40 - 2015-10-30 00:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-02 18:40 - 2015-10-30 00:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-26 08:47 - 2013-07-02 10:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard 2015-12-26 08:46 - 2013-07-02 10:41 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2015-12-26 08:44 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\appcompat 2015-12-25 23:15 - 2013-07-02 10:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2015-12-25 23:15 - 2013-07-02 10:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-12-25 23:15 - 2013-07-02 10:28 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2015-12-25 20:46 - 2012-08-03 17:02 - 00000000 ____D C:\SWSetup 2015-12-25 10:00 - 2013-12-25 10:00 - 00000000 ____D C:\Users\Pat\AppData\Local\Packages 2015-12-25 09:57 - 2015-12-14 11:43 - 00000330 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPat.job 2015-12-25 09:56 - 2015-08-26 22:40 - 00002397 _____ C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-12-25 09:56 - 2014-10-27 19:42 - 00000000 ___RD C:\Users\Pat\OneDrive 2015-12-25 09:55 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow 2015-12-25 09:51 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-12-25 09:51 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-12-25 09:00 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-12-25 09:00 - 2013-12-25 17:52 - 00000000 __RHD C:\Users\Public\AccountPictures 2015-12-25 04:18 - 2015-10-30 00:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-12-25 04:12 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-12-25 04:12 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Provisioning 2015-12-25 04:12 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2015-12-25 04:12 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-12-25 04:12 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-12-25 04:04 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2015-12-25 04:04 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2015-12-25 04:04 - 2015-10-30 00:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2015-12-25 04:04 - 2015-10-30 00:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2015-12-25 04:04 - 2015-10-30 00:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2015-12-25 04:04 - 2015-10-30 00:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2015-12-25 04:04 - 2015-10-30 00:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2015-12-25 04:04 - 2015-10-30 00:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2015-12-25 04:04 - 2015-10-30 00:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2015-12-25 04:04 - 2015-10-30 00:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2015-12-25 04:04 - 2015-10-30 00:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2015-12-25 04:04 - 2015-10-30 00:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2015-12-25 04:04 - 2015-10-30 00:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2015-12-25 04:04 - 2015-10-30 00:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2015-12-25 04:00 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache 2015-12-25 03:58 - 2014-10-27 16:56 - 00041913 _____ C:\WINDOWS\diagwrn.xml 2015-12-25 03:58 - 2014-10-27 16:56 - 00041913 _____ C:\WINDOWS\diagerr.xml 2015-12-25 03:54 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2015-12-25 03:54 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Registration 2015-12-25 03:48 - 2014-10-27 17:19 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-12-25 03:47 - 2015-12-04 09:28 - 00002174 _____ C:\WINDOWS\System32\Tasks\1215avUpdateInfo 2015-12-25 03:47 - 2015-08-26 22:12 - 00022894 _____ C:\WINDOWS\System32\Tasks\DNSKINGSTON 2015-12-25 03:47 - 2015-03-05 10:24 - 00002530 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent 2015-12-25 03:47 - 2014-06-03 21:18 - 00003424 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-25 03:47 - 2014-06-03 21:18 - 00003200 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-25 03:47 - 2014-06-03 20:35 - 00003580 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1242277392-240876926-1791514536-1002UA 2015-12-25 03:47 - 2014-06-03 20:35 - 00003312 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1242277392-240876926-1791514536-1002Core 2015-12-25 03:47 - 2013-12-25 10:11 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1242277392-240876926-1791514536-1002 2015-12-25 03:47 - 2013-10-07 23:30 - 00002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1242277392-240876926-1791514536-500 2015-12-25 03:47 - 2013-10-07 21:42 - 00002246 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements 2015-12-25 03:46 - 2015-10-30 00:24 - 00000000 __RHD C:\Users\Public\Libraries 2015-12-25 03:40 - 2015-10-30 00:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-12-25 03:40 - 2015-04-05 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-12-25 03:40 - 2015-02-17 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-12-25 03:40 - 2014-10-23 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-12-25 03:40 - 2014-06-03 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-12-25 03:40 - 2014-05-19 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-12-25 03:40 - 2014-02-21 19:29 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina – Print Savings 2015-12-25 03:40 - 2014-01-18 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-12-25 03:40 - 2013-12-31 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons 2015-12-25 03:40 - 2013-12-25 11:02 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2015-12-25 03:40 - 2013-10-07 22:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat 2015-12-25 03:40 - 2013-07-02 10:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-12-25 03:40 - 2013-07-02 10:37 - 00000000 ____D C:\WINDOWS\en 2015-12-25 03:40 - 2013-07-02 10:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2015-12-25 03:38 - 2015-07-10 02:05 - 00000000 ____D C:\Users\Default.migrated 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\spool 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\IME 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\et-EE 2015-12-25 03:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\en-GB 2015-12-25 03:33 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2015-12-25 03:33 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2015-12-25 03:33 - 2013-07-02 10:33 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe 2015-12-25 03:31 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-12-25 03:31 - 2015-10-30 00:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-12-25 03:31 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\InputMethod 2015-12-25 03:31 - 2015-10-30 00:24 - 00000000 ____D C:\ProgramData\USOPrivate 2015-12-25 03:31 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-12-25 03:31 - 2015-02-25 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari 2015-12-25 03:31 - 2014-09-24 02:50 - 00000000 ____D C:\Program Files\Embedded Lockdown Manager 2015-12-25 03:31 - 2014-06-27 14:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games 2015-12-25 03:31 - 2014-01-18 21:28 - 00000000 ____D C:\Program Files\HP 2015-12-25 03:31 - 2013-12-25 10:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services 2015-12-25 03:31 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\ADFS 2015-12-25 03:31 - 2013-07-02 10:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2015-12-25 03:27 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-12-25 03:19 - 2015-10-30 02:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2015-12-25 02:47 - 2015-10-30 02:42 - 00000000 ___HD C:\$WINDOWS.~BT 2015-12-21 11:58 - 2015-06-29 09:31 - 00000000 ____D C:\Program Files\Common Files\AV 2015-12-21 11:05 - 2015-11-23 10:59 - 00000000 ____D C:\Program Files\McAfee Security Scan 2015-12-21 11:05 - 2015-04-14 16:54 - 00002016 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk ==================== Files in the root of some directories ======= 2014-02-21 19:29 - 2014-02-21 19:30 - 0893239 _____ () C:\Users\Pat\AppData\Local\a.zip 2014-02-21 19:30 - 2014-02-21 19:30 - 2162416 _____ (Catalina Marketing Corp) C:\Users\Pat\AppData\Local\BcsKtYcHW.dll Some files in TEMP: ==================== C:\Users\Pat\AppData\Local\Temp\c10c58aa-9ebf-473c-8805-c7fe8ace105b.exe C:\Users\Pat\AppData\Local\Temp\HPSFUpdater.exe C:\Users\Pat\AppData\Local\Temp\UninstallHPSA.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-01-15 21:54 ==================== End of FRST.txt ============================