Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Google Chrome Will Not Install


  • This topic is locked This topic is locked

#1
rlives16

rlives16

    Member

  • Member
  • PipPip
  • 34 posts

Hello, I am having the similar issue others faced with the problems occurred while trying to download google chrome. It was working before, then stopped, so I uninstalled it and tried to reinstall. This is where my issue was noticed. The google chrome installer will come up and say "downloading" but never seems to change from that screen. I have used you all in the past and was very pleased with the outcome. So, what is my next move?


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

You're posting in the Malware removal forum asking a question about a Google Chrome install issue. Since you're here lets run some malware scans.

Everything gets download to the desktop and tools are "Run as administrator."

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0

#3
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

I am having trouble getting the frst log to post after I copy and paste it right here


  • 0

#4
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Ryan (administrator) on DESKTOP-A6RCKOD (10-09-2016 19:32:51)
Running from C:\Users\Ryan\Downloads
Loaded Profiles: Ryan (Available Profiles: Ryan)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\McClientAnalytics.exe
(Farbar) C:\Users\Ryan\Downloads\FRST64 (1).exe
 

==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-26] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1710568 2015-08-26] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2015-01-28] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{ba67ce16-dddb-4d21-842b-6879e276af9c}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-868973554-806322924-1075547668-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-868973554-806322924-1075547668-1002 -> {85F4FD30-6678-48CB-AA0B-8055550F3547} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US1045D20160819&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-06] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-06] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-08-29] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-08-29] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-08-29] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-08-29] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-07-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-07-07] (McAfee, Inc.)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-06] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-05] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-09-10]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
 
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-30]
CHR Extension: (SiteAdvisor) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-17]
CHR Extension: (Chrome Media Router) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-26] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [161536 2016-08-29] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-07-07] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-06-23] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-06-17] (McAfee, Inc.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2227152 2016-07-19] (Micro-Star INT'L CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-26] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [254232 2016-08-31] (RaMMicHaeL)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24856 2016-08-03] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-04-27] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2016-08-20] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2016-08-20] (Windows ® Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-10] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419616 2016-04-27] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-04-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-04-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-04-27] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [843048 2016-04-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [519976 2016-04-27] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [100136 2016-04-27] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243488 2016-04-27] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-10 19:32 - 2016-09-10 19:32 - 02397696 _____ (Farbar) C:\Users\Ryan\Downloads\FRST64 (1).exe
2016-09-10 19:29 - 2016-09-10 19:29 - 00016148 _____ C:\Windows\system32\DESKTOP-A6RCKOD_Ryan_HistoryPrediction.bin
2016-09-09 19:36 - 2016-09-09 19:37 - 00032161 _____ C:\Users\Ryan\Downloads\Addition.txt
2016-09-09 19:35 - 2016-09-10 19:32 - 00018484 _____ C:\Users\Ryan\Downloads\FRST.txt
2016-09-09 19:35 - 2016-09-10 19:32 - 00000000 ____D C:\FRST
2016-09-09 19:35 - 2016-09-09 19:35 - 02397696 _____ (Farbar) C:\Users\Ryan\Downloads\FRST64.exe
2016-09-09 19:29 - 2016-09-09 19:30 - 01610560 _____ (Malwarebytes) C:\Users\Ryan\Downloads\JRT.exe
2016-09-09 19:28 - 2016-09-09 19:28 - 03826240 _____ C:\Users\Ryan\Downloads\AdwCleaner (1).exe
2016-09-09 19:19 - 2016-09-09 19:21 - 00000000 ____D C:\AdwCleaner
2016-09-09 19:18 - 2016-09-09 19:19 - 03826240 _____ C:\Users\Ryan\Downloads\AdwCleaner.exe
2016-09-08 21:03 - 2016-09-10 19:32 - 00004020 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-09-08 03:23 - 2016-09-08 03:23 - 01065376 _____ (Google Inc.) C:\Users\Ryan\Downloads\ChromeSetup (4).exe
2016-09-07 23:44 - 2016-09-07 23:44 - 01519106 _____ C:\Users\Ryan\Downloads\FirstDayIntroductionHershyandChase-5.pptx
2016-09-06 00:35 - 2016-09-06 00:35 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-09-06 00:35 - 2016-09-06 00:35 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Sun
2016-09-06 00:35 - 2016-09-06 00:35 - 00000000 ____D C:\Users\Ryan\AppData\LocalLow\Sun
2016-09-06 00:35 - 2016-09-06 00:35 - 00000000 ____D C:\Users\Ryan\.oracle_jre_usage
2016-09-06 00:35 - 2016-09-06 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-06 00:34 - 2016-09-06 00:34 - 00000000 ____D C:\ProgramData\Oracle
2016-09-06 00:34 - 2016-09-06 00:34 - 00000000 ____D C:\Program Files\Java
2016-09-06 00:32 - 2016-09-06 00:34 - 62041152 _____ (Oracle Corporation) C:\Users\Ryan\Downloads\jre-8u101-windows-x64.exe
2016-09-06 00:30 - 2016-09-06 00:31 - 00819144 _____ (Google Inc.) C:\Users\Ryan\Downloads\chrome_installer.exe
2016-09-06 00:22 - 2016-09-06 00:22 - 01065376 _____ (Google Inc.) C:\Users\Ryan\Downloads\ChromeSetup (3).exe
2016-09-06 00:16 - 2016-09-06 00:16 - 01065376 _____ (Google Inc.) C:\Users\Ryan\Downloads\ChromeSetup (2).exe
2016-09-06 00:12 - 2016-09-06 00:13 - 01065376 _____ (Google Inc.) C:\Users\Ryan\Downloads\ChromeSetup (1).exe
2016-09-05 19:18 - 2016-09-05 19:18 - 00002534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-09-05 19:18 - 2016-09-05 19:18 - 00002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-09-05 19:18 - 2016-09-05 19:18 - 00002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-09-05 19:18 - 2016-09-05 19:18 - 00002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-09-05 19:18 - 2016-09-05 19:18 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-09-05 19:18 - 2016-09-05 19:18 - 00002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-09-05 19:18 - 2016-09-05 19:18 - 00002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-09-05 19:18 - 2016-09-05 19:18 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-09-05 19:18 - 2016-09-05 19:18 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-09-05 19:18 - 2016-09-05 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-09-05 19:11 - 2016-09-09 19:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-05 19:11 - 2016-09-05 19:11 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-09-05 19:09 - 2016-09-05 19:11 - 03782336 _____ (Microsoft Corporation) C:\Users\Ryan\Downloads\Setup.X86.en-US_O365ProPlusRetail_02477a10-28ce-4533-a870-feb1cb6e2747_TX_PR_b_32_.exe
2016-09-05 18:38 - 2016-09-05 18:39 - 00000000 ____D C:\Program Files (x86)\GUM8897.tmp
2016-09-05 14:26 - 2016-09-05 14:26 - 01065376 _____ (Google Inc.) C:\Users\Ryan\Downloads\ChromeSetup.exe
2016-09-01 13:44 - 2016-09-10 16:40 - 00004208 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-08-31 22:22 - 2016-08-31 22:22 - 00000000 ____D C:\Users\Ryan\AppData\Local\ElevatedDiagnostics
2016-08-31 00:32 - 2016-08-31 00:32 - 00000000 ____D C:\ProgramData\Unchecky
2016-08-31 00:32 - 2016-08-31 00:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2016-08-31 00:32 - 2016-08-31 00:32 - 00000000 ____D C:\Program Files (x86)\Unchecky
2016-08-31 00:31 - 2016-08-31 00:32 - 01453048 _____ (RaMMicHaeL) C:\Users\Ryan\Downloads\unchecky_setup.exe
2016-08-30 23:51 - 2016-08-30 23:51 - 00003654 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-08-30 23:50 - 2016-08-30 23:51 - 00001411 _____ C:\DelFix.txt
2016-08-30 23:50 - 2016-08-30 23:50 - 00000000 ____D C:\Windows\ERUNT
2016-08-29 11:05 - 2016-08-29 11:05 - 06761600 _____ (ESET spol. s r.o.) C:\Users\Ryan\Downloads\esetonlinescanner_enu.exe
2016-08-29 11:05 - 2016-08-29 11:05 - 00000000 ____D C:\Users\Ryan\AppData\Local\ESET
2016-08-29 10:42 - 2016-09-10 19:29 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-29 10:40 - 2016-08-29 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-29 10:40 - 2016-08-29 10:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-29 10:40 - 2016-08-29 10:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-29 10:40 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-29 10:40 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-29 10:40 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-29 10:39 - 2016-08-29 10:39 - 22851472 _____ (Malwarebytes ) C:\Users\Ryan\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-27 18:31 - 2016-08-27 18:31 - 00000008 ____H C:\ProgramData\@000001.dat
2016-08-26 22:26 - 2016-08-26 22:28 - 81999431 _____ C:\Users\Ryan\Downloads\youblisher.com-803348-The_Making_of_the_West_Peoples_and_Cultures.pdf
2016-08-26 12:15 - 2016-08-26 12:15 - 00187661 ____T C:\Users\Ryan\Desktop\AppStTicket.pdf
2016-08-26 01:46 - 2016-08-26 01:46 - 06888589 _____ C:\Users\Ryan\Desktop\Fundamental of Diff. Eqn.(8.Edition).pdf
2016-08-23 23:40 - 2016-08-23 23:40 - 00165547 _____ C:\Users\Ryan\Desktop\ScheduleFall16.pdf
2016-08-23 18:01 - 2016-08-23 18:01 - 01989011 _____ C:\Users\Ryan\Downloads\EStatement-2016-08-16-64897.pdf
2016-08-23 13:02 - 2016-08-23 13:02 - 00049672 _____ C:\Users\Ryan\AppData\Local\fbbwudfn.jy
2016-08-23 13:02 - 2016-08-23 13:02 - 00012228 _____ C:\Users\Ryan\AppData\Local\gchbgoka
2016-08-22 20:46 - 2016-08-22 20:46 - 00003338 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task
2016-08-22 20:46 - 2016-08-22 20:46 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Skype
2016-08-22 17:14 - 2016-08-23 22:30 - 00000000 ____D C:\Users\Ryan\AppData\LocalLow\BitTorrent
2016-08-21 17:19 - 2016-08-21 17:19 - 00049672 _____ C:\Users\Ryan\AppData\Roaming\opoweeai.drh
2016-08-21 17:19 - 2016-08-21 17:19 - 00009994 _____ C:\Users\Ryan\AppData\Roaming\rowgleru
2016-08-21 14:54 - 2016-08-21 14:54 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-21 14:54 - 2016-08-21 14:54 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-21 14:41 - 2016-08-21 14:41 - 00002048 _____ C:\Users\Ryan\Desktop\Revit 2016.lnk
2016-08-20 20:45 - 2016-08-21 20:32 - 00125408 _____ C:\Users\Ryan\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-20 20:44 - 2016-08-21 13:19 - 00000000 ____D C:\ProgramData\RevitInterProcess
2016-08-20 20:43 - 2016-08-20 20:43 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-08-20 19:15 - 2016-08-20 19:15 - 03867040 _____ C:\Windows\system32\PortChanger.exe
2016-08-20 19:15 - 2016-08-20 19:15 - 02398112 _____ (Hewlett Packard) C:\Windows\system32\hppldcoi.dll
2016-08-20 19:15 - 2016-08-20 19:15 - 00151968 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\Dot4.sys
2016-08-20 19:15 - 2016-08-20 19:15 - 00049056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4usb.sys
2016-08-20 19:15 - 2016-08-20 19:15 - 00027040 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\Dot4Prt.sys
2016-08-20 19:15 - 2016-08-20 19:15 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-08-20 19:14 - 2016-08-20 19:14 - 00053248 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpzllw71.dll
2016-08-20 19:14 - 2016-08-20 19:14 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-08-20 19:09 - 2016-08-20 19:09 - 01304576 _____ (Hewlett-Packard) C:\Windows\system32\hpowiav1.dll
2016-08-20 19:09 - 2016-08-20 19:09 - 00736256 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpotscl1.dll
2016-08-20 18:54 - 2016-08-21 13:25 - 00000028 _____ C:\Windows\ODBC.INI
2016-08-20 18:54 - 2016-08-21 13:25 - 00000023 _____ C:\Windows\ODBCINST.INI
2016-08-20 18:33 - 2016-08-20 18:33 - 00000000 ____D C:\Users\Ryan\Documents\Custom Office Templates
2016-08-20 17:56 - 2016-08-20 17:56 - 00898025 _____ C:\Users\Ryan\Desktop\shotrecords.pdf
2016-08-20 17:21 - 2016-08-20 17:22 - 00000000 ____D C:\Users\Ryan\Desktop\AutoCAD Templates
2016-08-20 16:38 - 2016-08-20 16:39 - 00000000 ____D C:\ProgramData\FLEXnet
2016-08-20 16:37 - 2016-08-20 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2016-08-20 16:37 - 2016-08-20 16:37 - 00000000 ____D C:\Program Files (x86)\MSI
2016-08-20 13:00 - 2016-08-20 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap 2016
2016-08-20 13:00 - 2016-08-20 13:00 - 00000000 ____D C:\ProgramData\FARO
2016-08-20 12:53 - 2016-08-20 12:53 - 00002171 _____ C:\Users\Public\Desktop\AutoCAD 2016 - English.lnk
2016-08-20 12:53 - 2016-08-20 12:53 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-08-20 12:52 - 2016-08-20 12:52 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-08-20 12:52 - 2016-08-20 12:52 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-08-20 12:51 - 2016-08-20 12:51 - 00000000 ____D C:\Users\Ryan\Documents\Inventor Server SDK ACAD 2016
2016-08-20 12:50 - 2016-08-20 12:50 - 00000133 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2016-08-20 12:43 - 2016-08-20 12:43 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-20 12:43 - 2016-08-20 12:43 - 00000000 ____D C:\Program Files\MSBuild
2016-08-20 12:43 - 2016-08-20 12:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-20 12:43 - 2016-08-20 12:43 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-20 12:42 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-08-20 12:42 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-20 12:42 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-08-20 12:42 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-08-20 12:42 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-20 12:42 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-08-20 12:38 - 2016-08-21 14:42 - 00000000 ____D C:\Program Files\Autodesk
2016-08-20 12:38 - 2016-08-21 14:40 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-08-20 12:22 - 2016-09-10 16:28 - 00004162 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A6797E67-0C58-4F65-825F-15D401FB962D}
2016-08-20 12:16 - 2016-08-22 17:27 - 00005242 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-A6RCKOD-Ryan DESKTOP-A6RCKOD
2016-08-20 02:17 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-08-20 02:17 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-08-20 02:17 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-08-20 02:17 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-08-20 02:17 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-08-20 02:17 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-08-20 02:17 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-08-20 02:17 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-08-20 02:17 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-08-20 02:17 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-08-20 02:17 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-08-20 02:17 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-08-20 02:17 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-08-20 02:17 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-08-20 02:17 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-08-20 02:17 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-08-20 02:17 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-08-20 02:17 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-08-20 01:58 - 2016-08-20 01:58 - 00026192 ____N (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2016-08-20 01:58 - 2016-08-20 01:58 - 00000010 _____ C:\Windows\GSetup.ini
2016-08-20 01:58 - 2009-08-27 03:04 - 00207400 ____R () C:\Windows\GSetup.exe
2016-08-20 01:54 - 2016-08-20 01:55 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-19 23:30 - 2016-08-21 20:32 - 00000000 ____D C:\Users\Ryan\AppData\Local\Autodesk
2016-08-19 23:30 - 2016-08-21 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-08-19 23:30 - 2016-08-19 23:30 - 00000000 ____D C:\ProgramData\Applications
2016-08-19 23:27 - 2016-08-21 20:28 - 00000000 ____D C:\ProgramData\Autodesk
2016-08-19 23:27 - 2016-08-20 20:50 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Autodesk
2016-08-19 23:25 - 2016-08-21 15:42 - 00000000 ____D C:\Autodesk
2016-08-19 23:25 - 2016-08-19 23:25 - 00000000 ____D C:\Users\Ryan\AppData\Local\Akamai
2016-08-19 23:19 - 2016-08-26 22:34 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-19 23:19 - 2016-08-19 23:19 - 00000000 ____D C:\Users\Ryan\AppData\Local\Microsoft Help
2016-08-19 23:02 - 2016-08-29 17:51 - 00000000 ____D C:\Users\Ryan\Downloads\[]Microsoft Office Professional Plus (x64) 2013 Incl  Activator  P2P
2016-08-19 22:46 - 2016-08-29 11:00 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\75a000
2016-08-19 22:46 - 2016-08-29 10:59 - 00000000 ____D C:\Users\Ryan\AppData\Local\751c12
2016-08-19 22:15 - 2016-08-29 10:54 - 00000920 ____H C:\ProgramData\@system.temp
2016-08-19 22:14 - 2016-08-29 10:57 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\BrowserMe
2016-08-19 22:14 - 2016-08-29 10:54 - 00000656 ____H C:\ProgramData\@system3.att
2016-08-19 22:14 - 2016-08-19 22:14 - 00000480 ____H C:\Users\Ryan\AppData\Roaming\½Ó
2016-08-19 21:59 - 2016-08-29 10:57 - 00000000 ____D C:\Users\Ryan\AppData\Local\AXworks
2016-08-19 21:58 - 2016-08-20 16:36 - 00003998 _____ C:\Users\Ryan\AppData\Roaming\HandfulTupik.BVV
2016-08-19 18:03 - 2016-08-19 18:03 - 00003748 _____ C:\Users\Ryan\AppData\Roaming\juncture.txn
2016-08-19 18:03 - 2016-08-19 18:03 - 00000250 _____ C:\Users\Ryan\AppData\Roaming\ecbolic.xnm
2016-08-19 17:05 - 2016-08-19 17:05 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Macromedia
2016-08-19 17:04 - 2016-08-19 17:04 - 00001989 _____ C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
2016-08-19 17:04 - 2016-08-19 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-08-19 17:04 - 2016-02-24 21:07 - 00207968 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2016-08-19 17:03 - 2016-08-19 17:03 - 00003142 _____ C:\Windows\System32\Tasks\McAfeeLogon
2016-08-19 17:03 - 2016-08-19 17:03 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-08-19 17:03 - 2016-08-19 17:03 - 00000000 ____D C:\ProgramData\Intel Security
2016-08-19 17:03 - 2016-07-27 15:25 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-08-19 17:02 - 2016-09-09 19:23 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-08-19 17:02 - 2016-08-19 17:04 - 00000000 ____D C:\Program Files\McAfee
2016-08-19 17:02 - 2016-08-19 17:02 - 00000000 ____D C:\Program Files\McAfee.com
2016-08-19 17:02 - 2016-08-19 17:02 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-08-19 16:59 - 2016-04-26 17:56 - 00277744 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2016-08-19 16:47 - 2016-08-19 16:49 - 00000000 ____D C:\Users\Ryan\AppData\Local\Comms
2016-08-19 16:46 - 2016-08-20 18:40 - 00000000 ____D C:\ProgramData\McAfee
2016-08-19 16:46 - 2016-08-19 17:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-08-19 16:42 - 2016-09-03 20:07 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Apple Computer
2016-08-19 16:42 - 2016-08-19 16:42 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-08-19 16:42 - 2016-08-19 16:42 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Users\Ryan\AppData\Local\Apple Computer
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Users\Ryan\AppData\Local\Apple
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\ProgramData\Apple Computer
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files\iTunes
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files\iPod
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files\Bonjour
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-08-19 16:41 - 2016-08-19 16:42 - 00000000 ____D C:\ProgramData\Apple
2016-08-19 15:07 - 2016-08-31 12:14 - 00000000 ____D C:\Users\Ryan\AppData\LocalLow\Temp
2016-08-19 14:42 - 2016-08-19 15:07 - 00071587 ____T C:\Users\Ryan\Desktop\ParkingPermitReceipt.PDF
2016-08-19 06:49 - 2016-08-19 17:02 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-19 06:49 - 2016-08-19 16:54 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-08-18 23:24 - 2016-08-18 23:26 - 00000000 ____D C:\Windows\system32\MRT
2016-08-18 23:23 - 2016-08-18 23:23 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-18 23:21 - 2016-08-03 02:15 - 00468832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-08-18 23:21 - 2016-08-03 01:46 - 08016728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-08-18 23:21 - 2016-08-03 01:44 - 02429792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-08-18 23:21 - 2016-08-03 01:44 - 02115936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-08-18 23:21 - 2016-08-03 01:39 - 00660320 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-08-18 23:21 - 2016-08-03 01:03 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-08-18 23:21 - 2016-08-03 00:57 - 24604160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-18 23:21 - 2016-08-03 00:57 - 21862912 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-08-18 23:21 - 2016-08-03 00:53 - 13027328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-08-18 23:21 - 2016-08-03 00:52 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-08-18 23:21 - 2016-08-03 00:46 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-18 23:21 - 2016-08-03 00:46 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2016-08-18 23:21 - 2016-08-03 00:40 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-08-18 23:21 - 2016-08-03 00:39 - 00846848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2016-08-18 23:21 - 2016-08-03 00:38 - 03527168 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-08-18 23:21 - 2016-08-03 00:37 - 02558976 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-08-18 23:21 - 2016-08-03 00:36 - 07524352 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-08-18 23:21 - 2016-08-03 00:35 - 18799616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-08-18 23:21 - 2016-08-03 00:35 - 04791296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-18 23:21 - 2016-08-03 00:35 - 03584000 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-08-18 23:21 - 2016-08-03 00:35 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-08-18 23:21 - 2016-08-03 00:34 - 01522176 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-08-18 23:21 - 2016-08-03 00:32 - 00939008 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2016-08-18 23:21 - 2016-08-03 00:32 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-18 23:21 - 2016-08-03 00:30 - 02748416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-08-18 23:21 - 2016-08-03 00:28 - 03579392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-18 23:21 - 2016-08-03 00:27 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-08-18 23:21 - 2016-08-03 00:26 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-08-18 23:21 - 2016-08-03 00:22 - 00716288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2016-08-18 23:21 - 2016-06-24 00:58 - 00442208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-08-18 23:21 - 2016-06-24 00:07 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-08-18 23:21 - 2016-06-23 23:45 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-08-18 23:21 - 2016-05-28 01:00 - 00327520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-08-18 23:21 - 2016-05-28 00:00 - 01336832 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-08-18 23:21 - 2016-05-27 23:58 - 00672256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-08-18 23:21 - 2016-05-27 23:58 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-08-18 23:21 - 2016-05-27 23:58 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-08-18 23:21 - 2016-05-27 23:53 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-08-18 23:21 - 2016-05-27 23:44 - 00737792 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-08-18 23:21 - 2016-05-27 23:44 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-08-18 23:21 - 2016-05-27 23:43 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-08-18 23:21 - 2016-05-27 23:41 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-08-18 23:21 - 2016-05-27 23:38 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-08-18 23:21 - 2016-05-27 23:29 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-08-18 23:21 - 2016-05-27 23:29 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-08-18 23:21 - 2016-04-09 06:52 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-18 23:21 - 2016-04-09 06:06 - 01981280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-08-18 23:21 - 2016-04-09 06:05 - 01199368 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-18 23:21 - 2016-04-09 06:05 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-08-18 23:21 - 2016-04-09 05:50 - 01515936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-08-18 23:21 - 2016-04-09 05:04 - 01780352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-08-18 23:21 - 2016-04-09 04:09 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-18 23:21 - 2016-04-09 03:55 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-18 23:21 - 2016-04-09 03:22 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2016-08-18 23:21 - 2016-04-09 02:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-18 23:21 - 2016-03-16 00:37 - 01010016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-08-18 23:21 - 2016-03-15 23:47 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-08-18 23:21 - 2016-03-15 23:38 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2016-08-18 23:21 - 2016-03-15 23:37 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll
2016-08-18 23:21 - 2016-03-15 23:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll
2016-08-18 23:21 - 2016-03-15 23:31 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll
2016-08-18 23:21 - 2016-03-15 23:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-08-18 23:21 - 2016-03-15 23:13 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2016-08-18 23:21 - 2016-03-15 23:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2016-08-18 23:21 - 2016-03-15 23:13 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll
2016-08-18 23:21 - 2016-03-15 23:13 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll
2016-08-18 23:21 - 2016-03-15 23:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll
2016-08-18 23:21 - 2016-02-23 10:51 - 00633184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-08-18 23:21 - 2016-02-23 10:43 - 00127840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-08-18 23:21 - 2016-02-23 10:11 - 00103776 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-08-18 23:21 - 2016-02-23 08:50 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-08-18 23:21 - 2016-02-23 08:42 - 00078176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-08-18 23:21 - 2016-02-23 08:20 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-08-18 23:21 - 2016-02-23 07:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-08-18 23:21 - 2016-02-23 07:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-08-18 23:21 - 2016-01-31 01:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2016-08-18 23:21 - 2016-01-31 01:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-08-18 23:21 - 2016-01-31 01:23 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-08-18 23:21 - 2016-01-31 01:19 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2016-08-18 23:21 - 2016-01-31 01:11 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-08-18 23:21 - 2016-01-04 23:06 - 01063504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-08-18 23:21 - 2016-01-04 23:06 - 00119800 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-08-18 23:21 - 2016-01-04 23:04 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-08-18 23:21 - 2016-01-04 22:30 - 00882208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-08-18 23:21 - 2016-01-04 22:30 - 00100712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-08-18 23:21 - 2016-01-04 22:28 - 02445128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-08-18 23:21 - 2016-01-04 22:09 - 01234944 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-08-18 23:21 - 2015-11-25 01:40 - 00516448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-08-18 23:21 - 2015-11-25 00:49 - 01569280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-08-18 23:21 - 2015-11-25 00:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-08-18 23:21 - 2015-11-25 00:30 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2016-08-18 23:21 - 2015-11-25 00:18 - 01233920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-08-18 23:21 - 2015-11-05 01:14 - 00459104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-08-18 23:21 - 2015-11-05 00:56 - 00116064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-08-18 23:21 - 2015-11-05 00:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-08-18 23:21 - 2015-09-25 00:01 - 00498016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-08-18 23:21 - 2015-09-24 23:07 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-08-18 23:21 - 2015-09-24 22:59 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-08-18 23:21 - 2015-09-24 22:32 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-08-18 23:21 - 2015-09-17 02:50 - 00099664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2016-08-18 23:21 - 2015-09-17 02:37 - 01168736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-08-18 23:21 - 2015-09-17 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2016-08-18 23:21 - 2015-09-17 02:03 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-08-18 23:21 - 2015-09-17 02:02 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-08-18 23:21 - 2015-09-17 01:56 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-08-18 23:21 - 2015-09-17 01:56 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2016-08-18 23:21 - 2015-09-17 01:55 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2016-08-18 23:21 - 2015-09-17 01:55 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2016-08-18 23:21 - 2015-09-17 01:50 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-08-18 23:21 - 2015-09-17 01:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2016-08-18 23:21 - 2015-09-17 01:48 - 02093056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-08-18 23:21 - 2015-09-17 01:47 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2016-08-18 23:21 - 2015-09-17 01:46 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-08-18 23:21 - 2015-09-17 01:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2016-08-18 23:21 - 2015-09-17 01:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\syncmlhook.dll
2016-08-18 23:21 - 2015-09-17 01:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-08-18 23:21 - 2015-09-17 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll
2016-08-18 23:21 - 2015-09-17 01:43 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-08-18 23:21 - 2015-08-18 03:55 - 00373072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2016-08-18 23:21 - 2015-08-11 05:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
2016-08-18 23:21 - 2015-08-11 04:59 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-08-18 23:21 - 2015-08-11 04:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2016-08-18 23:21 - 2015-08-05 23:17 - 00237392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2016-08-18 23:21 - 2015-08-05 22:22 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2016-08-18 23:21 - 2015-08-04 00:07 - 00102752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-08-18 23:21 - 2015-08-02 22:18 - 00046432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2016-08-18 23:21 - 2015-07-30 02:14 - 00333168 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2016-08-18 23:21 - 2015-07-30 00:24 - 00285632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2016-08-18 23:21 - 2015-07-29 23:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2016-08-18 23:21 - 2015-07-29 23:44 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-08-18 23:21 - 2015-07-29 23:44 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2016-08-18 23:21 - 2015-07-22 01:15 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2016-08-18 23:21 - 2015-07-22 00:00 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2016-08-18 23:21 - 2015-07-17 00:23 - 00934752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2016-08-18 23:21 - 2015-07-17 00:07 - 00425824 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-08-18 23:21 - 2015-07-16 01:39 - 00061280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2016-08-18 23:21 - 2015-07-13 22:04 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2016-08-18 23:21 - 2015-07-10 21:03 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-08-18 23:21 - 2015-07-10 20:40 - 02606080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-08-18 23:20 - 2016-08-03 02:24 - 02152744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-08-18 23:20 - 2016-08-03 02:24 - 01356368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-08-18 23:20 - 2016-08-03 02:24 - 00439648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-08-18 23:20 - 2016-08-03 02:24 - 00046480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2016-08-18 23:20 - 2016-08-03 02:14 - 00565648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-08-18 23:20 - 2016-08-03 02:13 - 00065096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll
2016-08-18 23:20 - 2016-08-03 02:09 - 00185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2016-08-18 23:20 - 2016-08-03 01:46 - 03467776 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-08-18 23:20 - 2016-08-03 01:46 - 02463704 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-08-18 23:20 - 2016-08-03 01:46 - 01538168 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-08-18 23:20 - 2016-08-03 01:46 - 00552288 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-08-18 23:20 - 2016-08-03 01:46 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2016-08-18 23:20 - 2016-08-03 01:38 - 06525424 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-08-18 23:20 - 2016-08-03 01:38 - 01134792 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-08-18 23:20 - 2016-08-03 01:38 - 00724168 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-08-18 23:20 - 2016-08-03 01:38 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll
2016-08-18 23:20 - 2016-08-03 01:37 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-08-18 23:20 - 2016-08-03 01:33 - 00224704 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2016-08-18 23:20 - 2016-08-03 00:57 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-08-18 23:20 - 2016-08-03 00:54 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-08-18 23:20 - 2016-08-03 00:53 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-08-18 23:20 - 2016-08-03 00:51 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-08-18 23:20 - 2016-08-03 00:49 - 06305792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-08-18 23:20 - 2016-08-03 00:49 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-18 23:20 - 2016-08-03 00:48 - 06788096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-08-18 23:20 - 2016-08-03 00:46 - 01416704 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-18 23:20 - 2016-08-03 00:45 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-08-18 23:20 - 2016-08-03 00:45 - 12514304 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-18 23:20 - 2016-08-03 00:44 - 19337216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-18 23:20 - 2016-08-03 00:44 - 09889792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-08-18 23:20 - 2016-08-03 00:44 - 00893440 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2016-08-18 23:20 - 2016-08-03 00:42 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-08-18 23:20 - 2016-08-03 00:41 - 04398592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-08-18 23:20 - 2016-08-03 00:40 - 05160960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-08-18 23:20 - 2016-08-03 00:40 - 00420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2016-08-18 23:20 - 2016-08-03 00:39 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-18 23:20 - 2016-08-03 00:38 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-08-18 23:20 - 2016-08-03 00:36 - 07502848 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-08-18 23:20 - 2016-08-03 00:36 - 00671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2016-08-18 23:20 - 2016-08-03 00:36 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2016-08-18 23:20 - 2016-08-03 00:34 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2016-08-18 23:20 - 2016-08-03 00:33 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-08-18 23:20 - 2016-08-03 00:27 - 11270656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-18 23:20 - 2016-08-03 00:26 - 06713856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-08-18 23:20 - 2016-06-23 23:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2016-08-18 23:20 - 2016-06-23 23:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-08-18 23:20 - 2016-06-23 23:45 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-18 23:20 - 2016-06-23 23:44 - 05510656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-08-18 23:20 - 2016-06-23 23:43 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-18 23:20 - 2016-06-23 23:42 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-18 23:20 - 2016-06-23 23:22 - 04737536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-08-18 23:20 - 2016-06-23 23:15 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-18 23:20 - 2016-05-28 01:02 - 06488312 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-08-18 23:20 - 2016-05-28 00:52 - 22326760 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-08-18 23:20 - 2016-05-28 00:38 - 05118024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-08-18 23:20 - 2016-05-28 00:27 - 20861984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-08-18 23:20 - 2016-05-28 00:10 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-08-18 23:20 - 2016-05-27 23:54 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-08-18 23:20 - 2016-05-27 23:52 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-08-18 23:20 - 2016-05-27 23:40 - 00672768 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-08-18 23:20 - 2016-05-27 23:38 - 01821696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-08-18 23:20 - 2016-04-15 03:21 - 01085776 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-08-18 23:20 - 2016-04-15 02:43 - 00916800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-08-18 23:20 - 2016-04-15 02:06 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-08-18 23:20 - 2016-04-15 01:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-08-18 23:20 - 2016-04-09 03:54 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-18 23:20 - 2016-04-09 03:52 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-08-18 23:20 - 2016-04-09 03:38 - 00464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-08-18 23:20 - 2016-04-09 02:42 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-18 23:20 - 2016-04-09 02:41 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-08-18 23:20 - 2016-04-09 02:27 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-08-18 23:20 - 2016-03-16 00:54 - 00595016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-08-18 23:20 - 2016-03-16 00:45 - 00140536 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-08-18 23:20 - 2016-03-16 00:08 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-08-18 23:20 - 2016-03-15 23:56 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModelShim.dll
2016-08-18 23:20 - 2016-03-15 23:51 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-08-18 23:20 - 2016-03-15 23:49 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-08-18 23:20 - 2016-03-15 23:46 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2016-08-18 23:20 - 2016-03-15 23:40 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-08-18 23:20 - 2016-03-15 23:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2016-08-18 23:20 - 2016-03-15 23:40 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2016-08-18 23:20 - 2016-03-15 23:40 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-08-18 23:20 - 2016-03-15 23:39 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-08-18 23:20 - 2016-03-15 23:37 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-08-18 23:20 - 2016-03-15 23:36 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll
2016-08-18 23:20 - 2016-03-15 23:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-08-18 23:20 - 2016-03-15 23:35 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2016-08-18 23:20 - 2016-03-15 23:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2016-08-18 23:20 - 2016-03-15 23:24 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2016-08-18 23:20 - 2016-03-15 23:18 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2016-08-18 23:20 - 2016-03-15 23:17 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-08-18 23:20 - 2016-03-15 23:16 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-08-18 23:20 - 2016-03-15 23:13 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2016-08-18 23:20 - 2016-03-15 23:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2016-08-18 23:20 - 2016-03-15 23:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2016-08-18 23:20 - 2016-02-23 10:50 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-08-18 23:20 - 2016-02-23 10:41 - 00299600 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-08-18 23:20 - 2016-02-23 10:11 - 00781984 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-08-18 23:20 - 2016-02-23 09:11 - 00249976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-08-18 23:20 - 2016-02-23 08:42 - 00658536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-08-18 23:20 - 2016-02-23 07:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-08-18 23:20 - 2016-02-23 07:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-08-18 23:20 - 2016-02-23 06:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-08-18 23:20 - 2016-01-31 02:25 - 01248896 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-08-18 23:20 - 2016-01-31 02:06 - 00809336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-08-18 23:20 - 2016-01-31 01:26 - 03793408 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-08-18 23:20 - 2016-01-31 01:19 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-08-18 23:20 - 2016-01-31 01:17 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-08-18 23:20 - 2016-01-31 01:04 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-08-18 23:20 - 2016-01-04 23:04 - 00784136 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-08-18 23:20 - 2016-01-04 23:04 - 00779928 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-08-18 23:20 - 2016-01-04 23:04 - 00233992 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2016-08-18 23:20 - 2016-01-04 23:04 - 00090912 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-08-18 23:20 - 2016-01-04 22:29 - 00208688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2016-08-18 23:20 - 2016-01-04 22:28 - 00645144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-08-18 23:20 - 2016-01-04 22:28 - 00635312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-08-18 23:20 - 2016-01-04 22:28 - 00082096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-08-18 23:20 - 2016-01-04 22:15 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2016-08-18 23:20 - 2016-01-04 22:15 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\usermgrcli.dll
2016-08-18 23:20 - 2016-01-04 22:02 - 01672192 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-08-18 23:20 - 2016-01-04 22:02 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-08-18 23:20 - 2016-01-04 22:02 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-08-18 23:20 - 2016-01-04 22:01 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-08-18 23:20 - 2016-01-04 21:57 - 00712704 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2016-08-18 23:20 - 2016-01-04 21:57 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-08-18 23:20 - 2016-01-04 21:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2016-08-18 23:20 - 2016-01-04 21:44 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usermgrcli.dll
2016-08-18 23:20 - 2016-01-04 21:32 - 01541632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-08-18 23:20 - 2016-01-04 21:32 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-08-18 23:20 - 2016-01-04 21:31 - 00563200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-08-18 23:20 - 2016-01-04 21:31 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-08-18 23:20 - 2015-11-25 01:42 - 00168288 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-08-18 23:20 - 2015-11-25 00:49 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2016-08-18 23:20 - 2015-11-25 00:49 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-08-18 23:20 - 2015-11-25 00:49 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2016-08-18 23:20 - 2015-11-25 00:48 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\EthernetMediaManager.dll
2016-08-18 23:20 - 2015-11-25 00:48 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\DAMediaManager.dll
2016-08-18 23:20 - 2015-11-25 00:28 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-08-18 23:20 - 2015-11-25 00:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2016-08-18 23:20 - 2015-11-25 00:10 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-08-18 23:20 - 2015-11-25 00:07 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2016-08-18 23:20 - 2015-11-05 01:15 - 00541024 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2016-08-18 23:20 - 2015-11-05 01:11 - 01392480 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-08-18 23:20 - 2015-11-05 01:06 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2016-08-18 23:20 - 2015-11-05 00:30 - 00961376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-08-18 23:20 - 2015-11-05 00:23 - 00762888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2016-08-18 23:20 - 2015-11-05 00:18 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-08-18 23:20 - 2015-11-04 23:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-08-18 23:20 - 2015-09-30 23:03 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-08-18 23:20 - 2015-09-24 23:03 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-08-18 23:20 - 2015-09-24 22:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-08-18 23:20 - 2015-09-17 02:49 - 00894256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-08-18 23:20 - 2015-09-17 02:48 - 00584656 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-08-18 23:20 - 2015-09-17 02:48 - 00555768 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2016-08-18 23:20 - 2015-09-17 02:48 - 00476760 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-08-18 23:20 - 2015-09-17 02:28 - 00074880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2016-08-18 23:20 - 2015-09-17 02:27 - 00454512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2016-08-18 23:20 - 2015-09-17 02:26 - 00434376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-08-18 23:20 - 2015-09-17 02:08 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2016-08-18 23:20 - 2015-09-17 02:05 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-08-18 23:20 - 2015-09-17 02:04 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-08-18 23:20 - 2015-09-17 01:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-08-18 23:20 - 2015-09-17 01:57 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-08-18 23:20 - 2015-09-17 01:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-08-18 23:20 - 2015-09-17 01:56 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-08-18 23:20 - 2015-09-17 01:55 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll
2016-08-18 23:20 - 2015-09-17 01:54 - 03781120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-08-18 23:20 - 2015-09-17 01:52 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2016-08-18 23:20 - 2015-09-17 01:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-08-18 23:20 - 2015-09-17 01:52 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2016-08-18 23:20 - 2015-09-17 01:52 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2016-08-18 23:20 - 2015-09-17 01:51 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-08-18 23:20 - 2015-09-17 01:50 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2016-08-18 23:20 - 2015-09-17 01:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\LocationGeofences.dll
2016-08-18 23:20 - 2015-09-17 01:49 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-08-18 23:20 - 2015-09-17 01:48 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2016-08-18 23:20 - 2015-09-17 01:48 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-08-18 23:20 - 2015-09-17 01:48 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2016-08-18 23:20 - 2015-09-17 01:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2016-08-18 23:20 - 2015-09-17 01:45 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-08-18 23:20 - 2015-09-17 01:41 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-08-18 23:20 - 2015-09-17 01:34 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2016-08-18 23:20 - 2015-09-17 01:32 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-08-18 23:20 - 2015-09-17 01:29 - 00701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-08-18 23:20 - 2015-09-17 01:29 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-08-18 23:20 - 2015-08-27 01:42 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-08-18 23:20 - 2015-08-27 01:42 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-08-18 23:20 - 2015-08-27 01:11 - 00484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-08-18 23:20 - 2015-08-27 01:11 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-08-18 23:20 - 2015-08-18 02:57 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2016-08-18 23:20 - 2015-08-11 06:02 - 00292856 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-08-18 23:20 - 2015-08-11 05:37 - 00243800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-08-18 23:20 - 2015-08-11 05:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2016-08-18 23:20 - 2015-08-11 05:05 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\LocationPermissions.dll
2016-08-18 23:20 - 2015-08-03 23:23 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2016-08-18 23:20 - 2015-08-02 22:18 - 08613200 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-08-18 23:20 - 2015-08-02 21:56 - 06878256 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-08-18 23:20 - 2015-07-30 00:08 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2016-08-18 23:20 - 2015-07-29 23:29 - 00654848 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2016-08-18 23:20 - 2015-07-29 22:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2016-08-18 23:20 - 2015-07-25 23:40 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-08-18 23:20 - 2015-07-25 23:30 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-08-18 23:20 - 2015-07-23 22:55 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-08-18 23:20 - 2015-07-23 22:52 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-08-18 23:20 - 2015-07-23 22:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-08-18 23:20 - 2015-07-22 00:02 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2016-08-18 23:20 - 2015-07-21 23:07 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2016-08-18 23:20 - 2015-07-16 22:26 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2016-08-18 23:20 - 2015-07-16 22:24 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2016-08-18 23:20 - 2015-07-16 21:53 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2016-08-18 23:20 - 2015-07-16 21:50 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2016-08-18 23:20 - 2015-07-16 00:04 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-08-18 23:20 - 2015-07-15 23:47 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-08-18 23:20 - 2015-07-15 23:36 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2016-08-18 23:20 - 2015-07-14 22:04 - 00032768 _____ C:\Windows\system32\LicenseManagerApi.dll
2016-08-18 23:20 - 2015-07-14 21:35 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\unenrollhook.dll
2016-08-18 23:20 - 2015-07-14 21:27 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.PAL.Desktop.dll
2016-08-18 23:20 - 2015-07-11 20:25 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\SensorDataService.exe
2016-08-18 23:20 - 2015-07-11 20:18 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-08-18 23:20 - 2015-07-11 19:46 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-08-18 23:20 - 2015-07-10 21:28 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2016-08-18 23:20 - 2015-07-10 21:07 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2016-08-18 23:20 - 2015-07-10 21:02 - 00283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll
2016-08-18 23:20 - 2015-07-10 20:43 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-08-18 23:20 - 2015-07-10 05:53 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-08-18 23:19 - 2016-08-03 02:25 - 00953472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-08-18 23:19 - 2016-08-03 02:24 - 01767008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-08-18 23:19 - 2016-08-03 02:24 - 01531368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-08-18 23:19 - 2016-08-03 02:23 - 01895576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2016-08-18 23:19 - 2016-08-03 02:22 - 01811360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-08-18 23:19 - 2016-08-03 02:15 - 02881624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-18 23:19 - 2016-08-03 01:46 - 02816016 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2016-08-18 23:19 - 2016-08-03 01:46 - 01951864 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-08-18 23:19 - 2016-08-03 01:46 - 01563480 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-08-18 23:19 - 2016-08-03 01:46 - 01561360 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-08-18 23:19 - 2016-08-03 01:44 - 02495776 _____ C:\Windows\system32\CoreUIComponents.dll
2016-08-18 23:19 - 2016-08-03 01:44 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2016-08-18 23:19 - 2016-08-03 01:38 - 03625928 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-18 23:19 - 2016-08-03 01:38 - 00252760 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2016-08-18 23:19 - 2016-08-03 01:32 - 00983904 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-08-18 23:19 - 2016-08-03 00:50 - 02902528 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-08-18 23:19 - 2016-08-03 00:49 - 02446336 _____ C:\Windows\system32\InputService.dll
2016-08-18 23:19 - 2016-08-03 00:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2016-08-18 23:19 - 2016-08-03 00:47 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-18 23:19 - 2016-08-03 00:47 - 00293376 _____ C:\Windows\system32\TextInputFramework.dll
2016-08-18 23:19 - 2016-08-03 00:45 - 04847616 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-08-18 23:19 - 2016-08-03 00:44 - 00814592 _____ (Microsoft Corporation) C:\Windows\system32\provcore.dll
2016-08-18 23:19 - 2016-08-03 00:44 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-08-18 23:19 - 2016-08-03 00:43 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-08-18 23:19 - 2016-08-03 00:42 - 02839040 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-08-18 23:19 - 2016-08-03 00:42 - 02598912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-08-18 23:19 - 2016-08-03 00:42 - 02253824 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2016-08-18 23:19 - 2016-08-03 00:41 - 03119104 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-18 23:19 - 2016-08-03 00:41 - 01823232 _____ C:\Windows\SysWOW64\InputService.dll
2016-08-18 23:19 - 2016-08-03 00:41 - 01686528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-18 23:19 - 2016-08-03 00:41 - 01606656 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-18 23:19 - 2016-08-03 00:41 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2016-08-18 23:19 - 2016-08-03 00:40 - 00338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-18 23:19 - 2016-08-03 00:40 - 00200704 _____ C:\Windows\SysWOW64\TextInputFramework.dll
2016-08-18 23:19 - 2016-08-03 00:38 - 03873280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-08-18 23:19 - 2016-08-03 00:38 - 00819712 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2016-08-18 23:19 - 2016-08-03 00:37 - 04453888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-08-18 23:19 - 2016-08-03 00:37 - 04168704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2016-08-18 23:19 - 2016-08-03 00:36 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provcore.dll
2016-08-18 23:19 - 2016-08-03 00:35 - 01717760 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-08-18 23:19 - 2016-08-03 00:35 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-08-18 23:19 - 2016-08-03 00:33 - 02587136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-18 23:19 - 2016-08-03 00:33 - 02198016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-08-18 23:19 - 2016-08-03 00:33 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-08-18 23:19 - 2016-08-03 00:33 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2016-08-18 23:19 - 2016-08-03 00:33 - 01387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-18 23:19 - 2016-08-03 00:32 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-08-18 23:19 - 2016-08-03 00:32 - 01492992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-18 23:19 - 2016-08-03 00:32 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-08-18 23:19 - 2016-08-03 00:30 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2016-08-18 23:19 - 2016-08-03 00:30 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\dbgcore.dll
2016-08-18 23:19 - 2016-08-03 00:28 - 03692032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-08-18 23:19 - 2016-08-03 00:27 - 03443200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2016-08-18 23:19 - 2016-08-03 00:26 - 01467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-08-18 23:19 - 2016-08-03 00:25 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2016-08-18 23:19 - 2016-08-03 00:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DbgModel.dll
2016-08-18 23:19 - 2016-08-03 00:20 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgcore.dll
2016-08-18 23:19 - 2016-06-24 00:56 - 01823760 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-08-18 23:19 - 2016-06-24 00:25 - 01522632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-08-18 23:19 - 2016-05-28 01:02 - 04532304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-08-18 23:19 - 2016-05-28 01:00 - 02543784 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-08-18 23:19 - 2016-05-28 01:00 - 01591304 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-08-18 23:19 - 2016-05-28 00:39 - 04047288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-08-18 23:19 - 2016-05-28 00:39 - 01365584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-08-18 23:19 - 2016-05-28 00:35 - 02188472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-08-18 23:19 - 2016-05-27 23:51 - 02119680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-18 23:19 - 2016-05-27 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-08-18 23:19 - 2016-05-27 23:39 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-08-18 23:19 - 2016-05-27 23:39 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2016-08-18 23:19 - 2016-05-27 23:35 - 02042368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-18 23:19 - 2016-04-09 06:53 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-08-18 23:19 - 2016-04-09 06:52 - 00502504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-08-18 23:19 - 2016-04-09 06:10 - 01824872 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-08-18 23:19 - 2016-04-09 06:10 - 00609976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-08-18 23:19 - 2016-03-16 00:56 - 01022664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-08-18 23:19 - 2016-03-16 00:55 - 01299032 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-08-18 23:19 - 2016-03-16 00:55 - 01127024 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-08-18 23:19 - 2016-03-15 23:42 - 02180608 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-08-18 23:19 - 2016-03-15 23:39 - 03363328 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-18 23:19 - 2016-03-15 23:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-08-18 23:19 - 2016-03-15 23:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2016-08-18 23:19 - 2016-03-15 23:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll
2016-08-18 23:19 - 2016-03-15 23:35 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-08-18 23:19 - 2016-03-15 23:35 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2016-08-18 23:19 - 2016-03-15 23:34 - 01871872 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-08-18 23:19 - 2016-03-15 23:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-08-18 23:19 - 2016-03-15 23:17 - 03680256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-18 23:19 - 2016-03-15 23:17 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2016-08-18 23:19 - 2016-03-15 23:13 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll
2016-08-18 23:19 - 2016-03-15 23:11 - 01594368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-08-18 23:19 - 2016-02-23 09:30 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-08-18 23:19 - 2016-02-23 07:59 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-08-18 23:19 - 2016-02-23 07:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-08-18 23:19 - 2016-02-23 07:04 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-08-18 23:19 - 2016-02-23 06:46 - 00400384 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-08-18 23:19 - 2016-02-23 06:45 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-08-18 23:19 - 2016-02-23 06:03 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-08-18 23:19 - 2016-01-31 02:23 - 02601160 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-08-18 23:19 - 2016-01-31 02:23 - 01420392 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-08-18 23:19 - 2016-01-31 02:04 - 01180696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-08-18 23:19 - 2016-01-31 01:19 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IoTAssignedAccessLockFramework.dll
2016-08-18 23:19 - 2016-01-04 23:07 - 00377592 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-08-18 23:19 - 2016-01-04 23:06 - 01991120 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-08-18 23:19 - 2016-01-04 23:06 - 01270104 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-08-18 23:19 - 2016-01-04 23:04 - 02641928 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-08-18 23:19 - 2016-01-04 23:04 - 00862056 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-08-18 23:19 - 2016-01-04 23:04 - 00787720 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-08-18 23:19 - 2016-01-04 23:04 - 00249464 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-08-18 23:19 - 2016-01-04 23:04 - 00115704 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-08-18 23:19 - 2016-01-04 23:04 - 00083704 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-08-18 23:19 - 2016-01-04 22:50 - 00723648 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-18 23:19 - 2016-01-04 22:50 - 00345080 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-08-18 23:19 - 2016-01-04 22:50 - 00205072 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-08-18 23:19 - 2016-01-04 22:30 - 02459096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-08-18 23:19 - 2016-01-04 22:30 - 02162064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-08-18 23:19 - 2016-01-04 22:30 - 00368776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-08-18 23:19 - 2016-01-04 22:30 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-08-18 23:19 - 2016-01-04 22:28 - 00695752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-08-18 23:19 - 2016-01-04 22:28 - 00107952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-08-18 23:19 - 2016-01-04 22:28 - 00072808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-08-18 23:19 - 2016-01-04 22:10 - 00305776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-08-18 23:19 - 2016-01-04 22:10 - 00188032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-08-18 23:19 - 2016-01-04 21:51 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-08-18 23:19 - 2016-01-04 21:51 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-08-18 23:19 - 2016-01-04 21:19 - 00747008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-08-18 23:19 - 2016-01-04 21:19 - 00409088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-08-18 23:19 - 2015-11-25 00:36 - 01710592 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-08-18 23:19 - 2015-11-25 00:31 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2016-08-18 23:19 - 2015-11-25 00:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2016-08-18 23:19 - 2015-11-25 00:29 - 01649152 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-08-18 23:19 - 2015-11-25 00:16 - 01442816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-08-18 23:19 - 2015-11-25 00:10 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-08-18 23:19 - 2015-11-05 00:12 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-08-18 23:19 - 2015-11-05 00:10 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-08-18 23:19 - 2015-11-04 23:35 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-08-18 23:19 - 2015-11-04 23:34 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2016-08-18 23:19 - 2015-09-25 00:01 - 02573768 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-08-18 23:19 - 2015-09-24 23:33 - 01997336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-08-18 23:19 - 2015-09-24 23:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-08-18 23:19 - 2015-09-24 22:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-08-18 23:19 - 2015-09-17 02:49 - 00501008 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-08-18 23:19 - 2015-09-17 02:48 - 00809352 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2016-08-18 23:19 - 2015-09-17 02:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2016-08-18 23:19 - 2015-09-17 02:06 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-08-18 23:19 - 2015-09-17 02:03 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-08-18 23:19 - 2015-09-17 02:00 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2016-08-18 23:19 - 2015-09-17 01:57 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2016-08-18 23:19 - 2015-09-17 01:55 - 01601536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-08-18 23:19 - 2015-09-17 01:55 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-08-18 23:19 - 2015-09-17 01:52 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2016-08-18 23:19 - 2015-09-17 01:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-08-18 23:19 - 2015-09-17 01:51 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-08-18 23:19 - 2015-09-17 01:50 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-08-18 23:19 - 2015-09-17 01:49 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2016-08-18 23:19 - 2015-09-17 01:48 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-08-18 23:19 - 2015-09-17 01:46 - 00928256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-08-18 23:19 - 2015-09-17 01:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-08-18 23:19 - 2015-09-17 01:43 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2016-08-18 23:19 - 2015-09-17 01:40 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-08-18 23:19 - 2015-09-17 01:38 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2016-08-18 23:19 - 2015-09-17 01:36 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2016-08-18 23:19 - 2015-09-17 01:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-08-18 23:19 - 2015-09-17 01:32 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-08-18 23:19 - 2015-09-17 01:26 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2016-08-18 23:19 - 2015-09-17 01:16 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2016-08-18 23:19 - 2015-08-27 01:51 - 01774592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-08-18 23:19 - 2015-08-27 01:16 - 01612288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-08-18 23:19 - 2015-08-20 01:21 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2016-08-18 23:19 - 2015-08-18 02:56 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2016-08-18 23:19 - 2015-08-18 02:52 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-08-18 23:19 - 2015-08-18 02:29 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-08-18 23:19 - 2015-08-11 05:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
2016-08-18 23:19 - 2015-08-11 05:14 - 00404480 _____ C:\Windows\system32\diagtrack_wininternal.dll
2016-08-18 23:19 - 2015-08-11 05:07 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2016-08-18 23:19 - 2015-08-11 04:50 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-08-18 23:19 - 2015-08-08 02:24 - 02415104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-08-18 23:19 - 2015-08-08 02:24 - 01679360 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-08-18 23:19 - 2015-08-08 02:00 - 01985024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-08-18 23:19 - 2015-08-05 23:17 - 00200528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2016-08-18 23:19 - 2015-08-02 21:21 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
2016-08-18 23:19 - 2015-08-02 21:18 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\NetworkStatus.dll
2016-08-18 23:19 - 2015-08-02 21:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2016-08-18 23:19 - 2015-07-30 02:16 - 02147080 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-08-18 23:19 - 2015-07-30 00:26 - 01867160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-08-18 23:19 - 2015-07-30 00:24 - 00445240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-08-18 23:19 - 2015-07-30 00:12 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2016-08-18 23:19 - 2015-07-29 23:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-08-18 23:19 - 2015-07-29 23:44 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2016-08-18 23:19 - 2015-07-29 23:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-08-18 23:19 - 2015-07-29 23:04 - 01714176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-08-18 23:19 - 2015-07-25 23:49 - 04760576 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-08-18 23:19 - 2015-07-25 23:38 - 04350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-08-18 23:19 - 2015-07-21 23:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2016-08-18 23:19 - 2015-07-18 03:43 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2016-08-18 23:19 - 2015-07-18 01:17 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2016-08-18 23:19 - 2015-07-18 00:06 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2016-08-18 23:19 - 2015-07-17 23:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2016-08-18 23:19 - 2015-07-14 21:57 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\OmaDmAgent.dll
2016-08-18 23:19 - 2015-07-13 21:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2016-08-18 23:19 - 2015-07-12 20:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-08-18 23:19 - 2015-07-12 19:30 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2016-08-18 23:19 - 2015-07-10 21:05 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2016-08-18 23:19 - 2015-07-10 21:03 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-18 23:19 - 2015-07-10 20:42 - 00191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2016-08-18 23:19 - 2015-07-10 20:40 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-18 23:19 - 2015-07-10 06:10 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\hmkd.dll
2016-08-18 23:19 - 2015-07-10 05:29 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2016-08-18 23:18 - 2016-08-03 02:25 - 00365120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-08-18 23:18 - 2016-08-03 02:15 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-08-18 23:18 - 2016-08-03 01:46 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-08-18 23:18 - 2016-08-03 01:46 - 00601336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-18 23:18 - 2016-08-03 01:46 - 00432352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-08-18 23:18 - 2016-08-03 01:44 - 00388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2016-08-18 23:18 - 2016-08-03 01:44 - 00243760 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-08-18 23:18 - 2016-08-03 01:38 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-08-18 23:18 - 2016-08-03 01:09 - 00954368 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-08-18 23:18 - 2016-08-03 00:46 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-08-18 23:18 - 2016-08-03 00:46 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-08-18 23:18 - 2016-08-03 00:46 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-18 23:18 - 2016-08-03 00:40 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-18 23:18 - 2016-08-03 00:39 - 05448704 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2016-08-18 23:18 - 2016-08-03 00:39 - 00806912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-08-18 23:18 - 2016-08-03 00:39 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-18 23:18 - 2016-08-03 00:39 - 00587776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-18 23:18 - 2016-08-03 00:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-18 23:18 - 2016-08-03 00:35 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-08-18 23:18 - 2016-08-03 00:35 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-08-18 23:18 - 2016-08-03 00:34 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-08-18 23:18 - 2016-08-03 00:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-08-18 23:18 - 2016-08-03 00:33 - 01061888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-08-18 23:18 - 2016-08-03 00:33 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2016-08-18 23:18 - 2016-08-03 00:32 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-08-18 23:18 - 2016-08-03 00:32 - 00679936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-18 23:18 - 2016-08-03 00:31 - 05329408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2016-08-18 23:18 - 2016-08-03 00:31 - 01096192 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-08-18 23:18 - 2016-08-03 00:26 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2016-08-18 23:18 - 2016-08-03 00:26 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-08-18 23:18 - 2016-08-03 00:25 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-08-18 23:18 - 2016-08-03 00:21 - 00854016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-08-18 23:18 - 2016-06-25 01:38 - 01119744 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-18 23:18 - 2016-06-23 23:55 - 01012736 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-08-18 23:18 - 2016-06-23 23:44 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2016-08-18 23:18 - 2016-05-28 00:21 - 00545400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-08-18 23:18 - 2016-05-28 00:21 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-08-18 23:18 - 2016-05-28 00:09 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-08-18 23:18 - 2016-05-27 23:54 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-08-18 23:18 - 2016-05-27 23:25 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-08-18 23:18 - 2016-04-15 02:05 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-08-18 23:18 - 2016-04-09 03:06 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-18 23:18 - 2016-03-16 00:56 - 00861512 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-08-18 23:18 - 2016-03-15 23:44 - 01016832 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-08-18 23:18 - 2016-03-15 23:43 - 00573952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2016-08-18 23:18 - 2016-03-15 23:42 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-08-18 23:18 - 2016-03-15 23:40 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2016-08-18 23:18 - 2016-03-15 23:36 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2016-08-18 23:18 - 2016-03-15 23:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\AppxApplicabilityEngine.dll
2016-08-18 23:18 - 2016-02-23 10:41 - 01150816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-18 23:18 - 2016-02-23 09:25 - 01085632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-18 23:18 - 2016-02-23 08:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-08-18 23:18 - 2016-02-23 07:03 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-08-18 23:18 - 2016-02-23 06:51 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-08-18 23:18 - 2016-02-23 06:51 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-08-18 23:18 - 2016-02-23 06:17 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-08-18 23:18 - 2016-01-31 01:33 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2016-08-18 23:18 - 2016-01-31 01:24 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-08-18 23:18 - 2016-01-31 01:22 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-08-18 23:18 - 2016-01-31 01:11 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-08-18 23:18 - 2016-01-04 23:04 - 00772448 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-18 23:18 - 2016-01-04 23:04 - 00751992 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-08-18 23:18 - 2016-01-04 23:04 - 00667856 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-08-18 23:18 - 2016-01-04 22:30 - 01106872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-08-18 23:18 - 2016-01-04 22:28 - 00714808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-08-18 23:18 - 2016-01-04 22:28 - 00696192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-08-18 23:18 - 2016-01-04 22:28 - 00497896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-08-18 23:18 - 2016-01-04 22:28 - 00116728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-08-18 23:18 - 2016-01-04 22:15 - 00931328 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-08-18 23:18 - 2016-01-04 22:09 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-18 23:18 - 2016-01-04 21:51 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-08-18 23:18 - 2016-01-04 21:51 - 01009664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-08-18 23:18 - 2016-01-04 21:51 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-08-18 23:18 - 2016-01-04 21:42 - 00871936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-08-18 23:18 - 2016-01-04 21:20 - 00890880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-08-18 23:18 - 2016-01-04 21:19 - 01070080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-08-18 23:18 - 2016-01-04 21:19 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-08-18 23:18 - 2015-11-25 01:27 - 01366680 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-08-18 23:18 - 2015-11-25 01:09 - 01310880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-08-18 23:18 - 2015-11-25 00:37 - 02350592 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-18 23:18 - 2015-11-25 00:35 - 00929792 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-08-18 23:18 - 2015-11-25 00:35 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2016-08-18 23:18 - 2015-11-25 00:29 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2016-08-18 23:18 - 2015-11-25 00:26 - 00849408 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-08-18 23:18 - 2015-11-25 00:23 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-18 23:18 - 2015-11-25 00:22 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2016-08-18 23:18 - 2015-11-25 00:17 - 00774656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-08-18 23:18 - 2015-11-25 00:16 - 00786432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2016-08-18 23:18 - 2015-11-25 00:13 - 02153984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-18 23:18 - 2015-11-25 00:08 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-08-18 23:18 - 2015-11-05 01:13 - 00577888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-08-18 23:18 - 2015-11-05 00:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2016-08-18 23:18 - 2015-11-04 23:59 - 02675200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2016-08-18 23:18 - 2015-11-04 23:27 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2016-08-18 23:18 - 2015-09-17 02:48 - 00505696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-08-18 23:18 - 2015-09-17 02:48 - 00395088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-08-18 23:18 - 2015-09-17 02:37 - 01295712 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2016-08-18 23:18 - 2015-09-17 02:08 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-08-18 23:18 - 2015-09-17 01:48 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2016-08-18 23:18 - 2015-09-17 01:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2016-08-18 23:18 - 2015-09-17 01:45 - 01331200 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-08-18 23:18 - 2015-09-17 01:32 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2016-08-18 23:18 - 2015-09-17 01:31 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2016-08-18 23:18 - 2015-09-17 01:29 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-08-18 23:18 - 2015-08-27 01:42 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2016-08-18 23:18 - 2015-08-20 02:06 - 00609592 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-08-18 23:18 - 2015-08-20 01:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-08-18 23:18 - 2015-08-18 02:59 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2016-08-18 23:18 - 2015-08-18 02:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2016-08-18 23:18 - 2015-08-18 02:36 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll
2016-08-18 23:18 - 2015-08-18 02:35 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2016-08-18 23:18 - 2015-08-18 02:35 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2016-08-18 23:18 - 2015-08-11 06:02 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2016-08-18 23:18 - 2015-08-11 05:52 - 00993104 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2016-08-18 23:18 - 2015-08-11 05:26 - 00845664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2016-08-18 23:18 - 2015-08-11 05:05 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2016-08-18 23:18 - 2015-08-02 21:30 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_UserAccount.dll
2016-08-18 23:18 - 2015-08-02 21:23 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll
2016-08-18 23:18 - 2015-08-02 21:15 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2016-08-18 23:18 - 2015-07-30 02:21 - 00816576 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2016-08-18 23:18 - 2015-07-30 02:17 - 01025840 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2016-08-18 23:18 - 2015-07-30 02:15 - 00632168 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-08-18 23:18 - 2015-07-30 02:06 - 01043872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-08-18 23:18 - 2015-07-30 00:26 - 00877016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-08-18 23:18 - 2015-07-30 00:25 - 00713312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2016-08-18 23:18 - 2015-07-30 00:22 - 00896144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2016-08-18 23:18 - 2015-07-30 00:22 - 00507696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-08-18 23:18 - 2015-07-29 23:52 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2016-08-18 23:18 - 2015-07-29 23:46 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2016-08-18 23:18 - 2015-07-29 23:41 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2016-08-18 23:18 - 2015-07-29 23:06 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2016-08-18 23:18 - 2015-07-25 23:49 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-08-18 23:18 - 2015-07-25 23:34 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-08-18 23:18 - 2015-07-23 23:17 - 00695136 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2016-08-18 23:18 - 2015-07-23 23:17 - 00521568 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2016-08-18 23:18 - 2015-07-18 04:47 - 00082616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2016-08-18 23:18 - 2015-07-18 03:37 - 01043968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2016-08-18 23:18 - 2015-07-18 03:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2016-08-18 23:18 - 2015-07-17 23:59 - 01411072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2016-08-18 23:18 - 2015-07-17 23:59 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2016-08-18 23:18 - 2015-07-16 22:33 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\omadmprc.exe
2016-08-18 23:18 - 2015-07-16 00:03 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll
2016-08-18 23:18 - 2015-07-15 23:41 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll
2016-08-18 23:18 - 2015-07-14 22:22 - 02112512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-08-18 23:18 - 2015-07-14 21:47 - 04611584 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-08-18 23:18 - 2015-07-14 21:37 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.ProxyStub.dll
2016-08-18 23:18 - 2015-07-10 11:51 - 00823336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-08-18 23:18 - 2015-07-10 11:00 - 01101792 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-08-18 23:18 - 2015-07-10 06:59 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SignInOptions.dll
2016-08-18 23:18 - 2015-07-10 06:05 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2016-08-18 23:17 - 2016-08-03 01:46 - 00632680 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-08-18 23:17 - 2016-08-03 00:55 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2016-08-18 23:17 - 2016-08-03 00:47 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2016-08-18 23:17 - 2016-08-03 00:47 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2016-08-18 23:17 - 2016-08-03 00:46 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2016-08-18 23:17 - 2016-08-03 00:44 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2016-08-18 23:17 - 2016-08-03 00:43 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-08-18 23:17 - 2016-08-03 00:43 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-08-18 23:17 - 2016-08-03 00:42 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2016-08-18 23:17 - 2016-08-03 00:40 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-08-18 23:17 - 2016-08-03 00:39 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2016-08-18 23:17 - 2016-08-03 00:39 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2016-08-18 23:17 - 2016-08-03 00:38 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2016-08-18 23:17 - 2016-08-03 00:38 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2016-08-18 23:17 - 2016-08-03 00:36 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2016-08-18 23:17 - 2016-08-03 00:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-08-18 23:17 - 2016-08-03 00:35 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-08-18 23:17 - 2016-08-03 00:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2016-08-18 23:17 - 2016-08-03 00:32 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-08-18 23:17 - 2016-08-03 00:31 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\DbgModel.dll
2016-08-18 23:17 - 2016-08-03 00:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-08-18 23:17 - 2016-08-03 00:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-08-18 23:17 - 2016-08-03 00:29 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2016-08-18 23:17 - 2016-08-03 00:21 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-08-18 23:17 - 2016-06-23 23:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-18 23:17 - 2016-06-23 23:22 - 00309248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-08-18 23:17 - 2016-05-28 01:02 - 00421536 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-08-18 23:17 - 2016-05-28 01:00 - 00203496 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-08-18 23:17 - 2016-05-28 00:59 - 00363872 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-08-18 23:17 - 2016-05-28 00:47 - 00613120 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-08-18 23:17 - 2016-05-28 00:47 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-08-18 23:17 - 2016-05-28 00:38 - 00372368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-08-18 23:17 - 2016-05-28 00:38 - 00306528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-08-18 23:17 - 2016-05-28 00:35 - 00183904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-08-18 23:17 - 2016-03-16 00:41 - 00208736 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-08-18 23:17 - 2016-03-16 00:06 - 00181088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-08-18 23:17 - 2016-03-15 23:56 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2016-08-18 23:17 - 2016-03-15 23:55 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2016-08-18 23:17 - 2016-03-15 23:55 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll
2016-08-18 23:17 - 2016-03-15 23:40 - 00931840 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-08-18 23:17 - 2016-03-15 23:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2016-08-18 23:17 - 2016-03-15 23:37 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-08-18 23:17 - 2016-03-15 23:37 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-08-18 23:17 - 2016-03-15 23:36 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-08-18 23:17 - 2016-03-15 23:36 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2016-08-18 23:17 - 2016-03-15 23:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2016-08-18 23:17 - 2016-03-15 23:31 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2016-08-18 23:17 - 2016-03-15 23:17 - 00842240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-08-18 23:17 - 2016-03-15 23:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2016-08-18 23:17 - 2016-03-15 23:14 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-08-18 23:17 - 2016-03-15 23:14 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-08-18 23:17 - 2016-03-15 23:14 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2016-08-18 23:17 - 2016-03-15 23:13 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2016-08-18 23:17 - 2016-03-15 23:13 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2016-08-18 23:17 - 2016-03-15 23:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll
2016-08-18 23:17 - 2016-02-23 10:38 - 00272752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-08-18 23:17 - 2016-02-23 09:09 - 00229352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-08-18 23:17 - 2016-01-31 01:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2016-08-18 23:17 - 2016-01-31 01:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2016-08-18 23:17 - 2016-01-04 23:04 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-08-18 23:17 - 2016-01-04 22:52 - 00441696 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-18 23:17 - 2016-01-04 22:50 - 00251544 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-08-18 23:17 - 2016-01-04 22:28 - 00277400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-08-18 23:17 - 2016-01-04 22:10 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2016-08-18 23:17 - 2016-01-04 22:10 - 00278424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-08-18 23:17 - 2016-01-04 21:38 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2016-08-18 23:17 - 2015-11-25 00:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2016-08-18 23:17 - 2015-11-25 00:04 - 00480768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2016-08-18 23:17 - 2015-11-25 00:04 - 00474624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-18 23:17 - 2015-11-24 22:52 - 00775312 _____ C:\Windows\SysWOW64\locale.nls
2016-08-18 23:17 - 2015-11-24 22:52 - 00775312 _____ C:\Windows\system32\locale.nls
2016-08-18 23:17 - 2015-11-04 23:54 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2016-08-18 23:17 - 2015-11-04 23:23 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2016-08-18 23:17 - 2015-09-17 02:48 - 00537080 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2016-08-18 23:17 - 2015-09-17 02:48 - 00406864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-08-18 23:17 - 2015-09-17 02:48 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-08-18 23:17 - 2015-09-17 02:28 - 00407608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-08-18 23:17 - 2015-09-17 02:26 - 00428128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2016-08-18 23:17 - 2015-09-17 02:09 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2016-08-18 23:17 - 2015-09-17 02:03 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2016-08-18 23:17 - 2015-09-17 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-08-18 23:17 - 2015-09-17 01:57 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-08-18 23:17 - 2015-09-17 01:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2016-08-18 23:17 - 2015-09-17 01:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wwancfg.dll
2016-08-18 23:17 - 2015-09-17 01:52 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-08-18 23:17 - 2015-09-17 01:52 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2016-08-18 23:17 - 2015-09-17 01:51 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-08-18 23:17 - 2015-09-17 01:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2016-08-18 23:17 - 2015-09-17 01:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2016-08-18 23:17 - 2015-09-17 01:28 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2016-08-18 23:17 - 2015-08-18 02:54 - 00247296 _____ C:\Windows\system32\facecredentialprovider.dll
2016-08-18 23:17 - 2015-08-11 05:13 - 00413184 _____ C:\Windows\system32\diagtrack_win.dll
2016-08-18 23:17 - 2015-08-11 04:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
2016-08-18 23:17 - 2015-08-11 04:38 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2016-08-18 23:17 - 2015-08-05 00:00 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2016-08-18 23:17 - 2015-08-04 23:39 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2016-08-18 23:17 - 2015-08-02 22:32 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2016-08-18 23:17 - 2015-08-02 22:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NotificationObjFactory.dll
2016-08-18 23:17 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-08-18 23:17 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-08-18 23:17 - 2015-08-02 21:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2016-08-18 23:17 - 2015-08-02 21:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-08-18 23:17 - 2015-08-02 20:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2016-08-18 23:17 - 2015-07-30 02:23 - 00527952 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-08-18 23:17 - 2015-07-29 23:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VoiceActivationManager.dll
2016-08-18 23:17 - 2015-07-25 23:47 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-08-18 23:17 - 2015-07-25 23:35 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-08-18 23:17 - 2015-07-23 23:12 - 00584544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2016-08-18 23:17 - 2015-07-23 22:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2016-08-18 23:17 - 2015-07-18 23:23 - 00505344 _____ C:\Windows\system32\EditionUpgradeManagerObj.dll
2016-08-18 23:17 - 2015-07-18 23:18 - 00430592 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2016-08-18 23:17 - 2015-07-18 01:02 - 00290312 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2016-08-18 23:17 - 2015-07-17 23:49 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-08-18 23:17 - 2015-07-17 23:49 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2016-08-18 23:17 - 2015-07-15 23:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2016-08-18 23:17 - 2015-07-15 23:19 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2016-08-18 23:17 - 2015-07-10 11:47 - 00265480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-08-18 23:17 - 2015-07-10 10:52 - 00335248 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-08-18 23:16 - 2016-08-03 02:15 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2016-08-18 23:16 - 2016-08-03 01:46 - 00158048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-18 23:16 - 2016-08-03 00:57 - 00694784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-18 23:16 - 2016-08-03 00:45 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2016-08-18 23:16 - 2016-08-03 00:43 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-08-18 23:16 - 2016-08-03 00:38 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-08-18 23:16 - 2016-08-03 00:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-08-18 23:16 - 2016-08-03 00:37 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iassvcs.dll
2016-08-18 23:16 - 2016-08-03 00:36 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-08-18 23:16 - 2016-08-03 00:35 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00763904 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00394752 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-08-18 23:16 - 2016-08-03 00:34 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-08-18 23:16 - 2016-08-03 00:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-08-18 23:16 - 2016-08-03 00:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2016-08-18 23:16 - 2016-08-03 00:31 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-18 23:16 - 2016-08-03 00:30 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2016-08-18 23:16 - 2016-08-03 00:29 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2016-08-18 23:16 - 2016-08-03 00:26 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-08-18 23:16 - 2016-08-03 00:26 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-08-18 23:16 - 2016-08-03 00:25 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-08-18 23:16 - 2016-08-03 00:25 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-08-18 23:16 - 2016-08-03 00:25 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2016-08-18 23:16 - 2016-08-03 00:25 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-08-18 23:16 - 2016-08-03 00:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2016-08-18 23:16 - 2016-05-28 01:02 - 00113144 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-08-18 23:16 - 2016-05-28 00:59 - 00131208 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-08-18 23:16 - 2016-05-28 00:53 - 00026464 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2016-08-18 23:16 - 2016-05-28 00:38 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-08-18 23:16 - 2016-05-28 00:35 - 00112632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-08-18 23:16 - 2016-05-27 23:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-08-18 23:16 - 2016-05-27 23:38 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-08-18 23:16 - 2016-03-15 23:55 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll
2016-08-18 23:16 - 2016-03-15 23:47 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-08-18 23:16 - 2016-03-15 23:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-08-18 23:16 - 2016-03-15 23:43 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-08-18 23:16 - 2016-03-15 23:40 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2016-08-18 23:16 - 2016-03-15 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2016-08-18 23:16 - 2016-03-15 23:36 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2016-08-18 23:16 - 2016-03-15 23:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll
2016-08-18 23:16 - 2016-03-15 23:24 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-08-18 23:16 - 2016-03-15 23:24 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-08-18 23:16 - 2016-03-15 23:20 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-08-18 23:16 - 2016-03-15 23:17 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2016-08-18 23:16 - 2016-03-15 23:13 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2016-08-18 23:16 - 2016-03-15 23:13 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2016-08-18 23:16 - 2016-02-23 10:51 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-08-18 23:16 - 2016-02-23 10:41 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-08-18 23:16 - 2016-02-23 10:40 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-08-18 23:16 - 2016-02-23 10:36 - 00080128 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-08-18 23:16 - 2016-02-23 09:21 - 00529456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-08-18 23:16 - 2016-02-23 09:21 - 00141152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-08-18 23:16 - 2016-02-23 09:11 - 00073360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-08-18 23:16 - 2016-02-23 09:11 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-08-18 23:16 - 2016-02-23 09:06 - 00069232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-08-18 23:16 - 2016-02-23 07:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-08-18 23:16 - 2016-02-23 07:17 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-08-18 23:16 - 2016-02-23 06:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-08-18 23:16 - 2016-01-31 01:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-08-18 23:16 - 2016-01-31 01:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ztrace_maps.dll
2016-08-18 23:16 - 2016-01-31 00:58 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ztrace_maps.dll
2016-08-18 23:16 - 2016-01-04 22:50 - 01817064 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-08-18 23:16 - 2015-12-01 02:03 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys
2016-08-18 23:16 - 2015-11-25 01:32 - 00113184 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2016-08-18 23:16 - 2015-11-25 00:59 - 00092992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2016-08-18 23:16 - 2015-11-25 00:36 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-08-18 23:16 - 2015-11-25 00:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-08-18 23:16 - 2015-11-25 00:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2016-08-18 23:16 - 2015-11-25 00:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-08-18 23:16 - 2015-11-25 00:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-08-18 23:16 - 2015-11-25 00:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-08-18 23:16 - 2015-11-25 00:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2016-08-18 23:16 - 2015-11-25 00:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-08-18 23:16 - 2015-11-25 00:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-08-18 23:16 - 2015-11-05 00:56 - 00025280 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-18 23:16 - 2015-10-10 03:12 - 00078528 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-18 23:16 - 2015-09-19 01:14 - 00102304 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2016-08-18 23:16 - 2015-09-17 02:50 - 00088384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2016-08-18 23:16 - 2015-09-17 02:26 - 00508248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-08-18 23:16 - 2015-09-17 02:11 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-08-18 23:16 - 2015-09-17 02:10 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-08-18 23:16 - 2015-09-17 02:09 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2016-08-18 23:16 - 2015-09-17 02:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-08-18 23:16 - 2015-09-17 01:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-08-18 23:16 - 2015-09-17 01:51 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-08-18 23:16 - 2015-09-17 01:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeWiFi.dll
2016-08-18 23:16 - 2015-09-17 01:50 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeCell.dll
2016-08-18 23:16 - 2015-09-17 01:49 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\LocationWebproxy.dll
2016-08-18 23:16 - 2015-09-17 01:49 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\LocationCrowdsource.dll
2016-08-18 23:16 - 2015-09-17 01:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeIP.dll
2016-08-18 23:16 - 2015-09-17 01:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\LocationWiFiAdapter.dll
2016-08-18 23:16 - 2015-09-17 01:46 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2016-08-18 23:16 - 2015-09-17 01:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-08-18 23:16 - 2015-08-18 02:59 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2016-08-18 23:16 - 2015-08-18 02:58 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2016-08-18 23:16 - 2015-08-18 02:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2016-08-18 23:16 - 2015-08-18 02:34 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2016-08-18 23:16 - 2015-08-18 00:44 - 00008847 _____ C:\Windows\system32\ResPriHMImageList
2016-08-18 23:16 - 2015-08-02 22:17 - 00052264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2016-08-18 23:16 - 2015-07-29 23:44 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.V2.dll
2016-08-18 23:16 - 2015-07-29 23:44 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\VoiceActivationManager.dll
2016-08-18 23:16 - 2015-07-29 23:06 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.V2.dll
2016-08-18 23:16 - 2015-07-25 23:39 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2016-08-18 23:16 - 2015-07-25 23:29 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2016-08-18 23:16 - 2015-07-22 00:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2016-08-18 23:16 - 2015-07-21 23:21 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2016-08-18 23:16 - 2015-07-17 23:49 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2016-08-18 23:16 - 2015-07-17 23:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-08-18 23:16 - 2015-07-16 22:39 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-08-18 23:16 - 2015-07-16 22:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-08-18 23:16 - 2015-07-13 21:38 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2016-08-18 23:16 - 2015-07-13 21:20 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2016-08-18 23:16 - 2015-07-10 06:42 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hmkd.dll
2016-08-18 21:46 - 2016-08-18 21:46 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-08-17 23:26 - 2016-08-17 23:26 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-08-17 23:26 - 2016-08-17 23:26 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-10 19:32 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\AppReadiness
2016-09-10 19:30 - 2016-07-28 17:53 - 00000000 ____D C:\Users\Ryan\AppData\Local\Packages
2016-09-10 16:46 - 2016-07-28 15:19 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-10 16:35 - 2016-07-28 15:19 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-09 19:31 - 2015-07-10 07:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-09 19:27 - 2015-07-10 07:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-09 19:25 - 2015-07-10 07:02 - 00000000 ____D C:\Windows\INF
2016-09-09 19:24 - 2015-07-10 05:05 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-09-09 19:23 - 2016-07-28 15:17 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-09 19:23 - 2015-07-10 08:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-09 19:23 - 2015-07-10 08:20 - 00423648 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-09 19:22 - 2016-07-28 15:19 - 00000000 ____D C:\Program Files\Google
2016-09-09 19:22 - 2016-07-28 15:19 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-09 19:22 - 2015-07-10 05:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-09-06 00:35 - 2016-07-28 17:52 - 00000000 ____D C:\Users\Ryan
2016-09-05 19:11 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-05 18:40 - 2016-07-28 15:19 - 00003996 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-05 18:40 - 2016-07-28 15:19 - 00003764 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-05 13:35 - 2016-07-28 15:19 - 00000000 ____D C:\Users\Ryan\AppData\Local\Google
2016-09-04 20:50 - 2015-07-16 12:39 - 00875126 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-31 22:22 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\NDF
2016-08-31 13:02 - 2016-07-28 18:11 - 00000000 ____D C:\Users\Ryan\AppData\Local\MicrosoftEdge
2016-08-29 10:59 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\System
2016-08-26 22:33 - 2015-07-10 09:14 - 00000000 ____D C:\Windows\ShellNew
2016-08-26 22:30 - 2015-07-10 07:04 - 00000076 _____ C:\Windows\win.ini
2016-08-26 22:30 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-22 20:46 - 2016-07-28 17:55 - 00002360 _____ C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-22 20:46 - 2016-07-28 17:55 - 00000000 ___RD C:\Users\Ryan\OneDrive
2016-08-22 17:58 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\rescache
2016-08-20 16:37 - 2016-07-28 15:18 - 00000000 ____D C:\MSI
2016-08-20 12:51 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\Downloaded Program Files
2016-08-20 12:45 - 2015-07-10 06:55 - 00000000 ____D C:\Windows\CbsTemp
2016-08-19 17:03 - 2015-07-10 07:04 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-08-19 16:56 - 2016-07-28 15:20 - 00000000 ____D C:\ProgramData\Norton
2016-08-19 13:03 - 2015-07-16 12:41 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-19 06:46 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-08-19 06:33 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2016-08-19 06:33 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-08-19 06:33 - 2015-07-10 05:05 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\system32\F12
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\oobe
2016-08-19 06:32 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-19 06:32 - 2015-07-10 05:05 - 00000000 ____D C:\Windows\system32\Dism
2016-08-19 06:31 - 2015-07-10 09:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\DevicesFlow
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\Provisioning
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\L2Schemas
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-08-19 06:31 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-19 04:26 - 2016-07-28 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
 
==================== Files in the root of some directories =======
 
2016-06-17 02:54 - 2016-06-17 02:54 - 0001129 _____ () C:\Users\Ryan\AppData\Roaming\24.svg
2016-06-17 02:54 - 2016-06-17 02:54 - 0004206 _____ () C:\Users\Ryan\AppData\Roaming\additional_tools_get_help_icon.png
2016-06-17 02:54 - 2016-06-17 02:54 - 0000369 _____ () C:\Users\Ryan\AppData\Roaming\amd.js
2016-06-17 02:53 - 2016-06-17 02:53 - 0000528 _____ () C:\Users\Ryan\AppData\Roaming\cd.png
2016-06-17 02:53 - 2016-06-17 02:53 - 0001744 _____ () C:\Users\Ryan\AppData\Roaming\current.docid.xml
2014-11-29 10:40 - 2014-11-29 10:40 - 0029926 _____ () C:\Users\Ryan\AppData\Roaming\drijnall.gsf
2016-08-19 18:03 - 2016-08-19 18:03 - 0000250 _____ () C:\Users\Ryan\AppData\Roaming\ecbolic.xnm
2014-11-29 10:40 - 2014-11-29 10:40 - 0000766 _____ () C:\Users\Ryan\AppData\Roaming\fod.cv
2014-05-19 09:24 - 2014-05-19 09:24 - 0016958 _____ () C:\Users\Ryan\AppData\Roaming\gcixonr.kmi
2016-08-19 21:58 - 2016-08-20 16:36 - 0003998 _____ () C:\Users\Ryan\AppData\Roaming\HandfulTupik.BVV
1985-05-14 03:00 - 1985-05-14 03:00 - 0049853 _____ () C:\Users\Ryan\AppData\Roaming\Horologium.n
2014-11-29 10:40 - 2014-11-29 10:40 - 0002862 _____ () C:\Users\Ryan\AppData\Roaming\jun.cbfs
2016-08-19 18:03 - 2016-08-19 18:03 - 0003748 _____ () C:\Users\Ryan\AppData\Roaming\juncture.txn
2016-08-21 17:19 - 2016-08-21 17:19 - 0049672 _____ () C:\Users\Ryan\AppData\Roaming\opoweeai.drh
2016-08-21 17:19 - 2016-08-21 17:19 - 0009994 _____ () C:\Users\Ryan\AppData\Roaming\rowgleru
2014-11-29 10:40 - 2014-11-29 10:40 - 0000326 _____ () C:\Users\Ryan\AppData\Roaming\uesdiww.ikdu
2014-11-29 10:40 - 2014-11-29 10:40 - 0007886 _____ () C:\Users\Ryan\AppData\Roaming\yvpc.yf
2016-08-19 22:14 - 2016-08-19 22:14 - 0000480 ____H () C:\Users\Ryan\AppData\Roaming\½Ó
2014-11-29 10:40 - 2014-11-29 10:40 - 0001078 _____ () C:\Users\Ryan\AppData\Local\dpkng.kw
2014-11-08 00:42 - 2014-11-08 00:42 - 0029926 _____ () C:\Users\Ryan\AppData\Local\eq.sgfp
2016-08-23 13:02 - 2016-08-23 13:02 - 0049672 _____ () C:\Users\Ryan\AppData\Local\fbbwudfn.jy
2016-08-23 13:02 - 2016-08-23 13:02 - 0012228 _____ () C:\Users\Ryan\AppData\Local\gchbgoka
2014-11-29 10:40 - 2014-11-29 10:40 - 0009062 _____ () C:\Users\Ryan\AppData\Local\udjc.uk
2016-08-27 18:31 - 2016-08-27 18:31 - 0000008 ____H () C:\ProgramData\@000001.dat
2016-08-19 22:15 - 2016-08-29 10:54 - 0000920 ____H () C:\ProgramData\@system.temp
2016-08-19 22:14 - 2016-08-29 10:54 - 0000656 ____H () C:\ProgramData\@system3.att
2016-08-20 12:50 - 2016-08-20 12:50 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
 
Files to move or delete:
====================
C:\ProgramData\@000001.dat
 

Some files in TEMP:
====================
C:\Users\Ryan\AppData\Local\Temp\libeay32.dll
C:\Users\Ryan\AppData\Local\Temp\msvcr120.dll
C:\Users\Ryan\AppData\Local\Temp\sqlite3.dll
 

==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 

LastRegBack: 2016-09-08 21:01
 
==================== End of FRST.txt ============================

  • 0

#5
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
somehow it worked after I typed text

  • 0

#6
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Ryan (10-09-2016 19:35:21)
Running from C:\Users\Ryan\Downloads
Windows 10 Home (X64) (2016-07-28 21:52:14)
Boot Mode: Normal
==========================================================
 

==================== Accounts: =============================
 
Administrator (S-1-5-21-868973554-806322924-1075547668-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-868973554-806322924-1075547668-503 - Limited - Disabled)
Guest (S-1-5-21-868973554-806322924-1075547668-501 - Limited - Disabled)
Ryan (S-1-5-21-868973554-806322924-1075547668-1002 - Administrator - Enabled) => C:\Users\Ryan
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-868973554-806322924-1075547668-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AutoCAD 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (Version: 20.1.107.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD 2016 SP 1 (HKLM\...\AutoCAD 2016 SP1) (Version: 20.1.107.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Download Manager (HKLM-x32\...\{EC92633C-8F08-470A-BCDF-3FE5FD778C8D}) (Version: 4.0.14.0 - Autodesk, Inc.)
Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden
Autodesk Revit 2016 (HKLM\...\Autodesk Revit 2016) (Version: 16.0.428.0 - Autodesk)
Autodesk Revit Content Libraries 2016 (HKLM\...\Autodesk Revit Content Libraries 2016) (Version: 16.0.428.0 - Autodesk)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.18 - Autodesk, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 15.0.166 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.266 - McAfee, Inc.)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.7167.2040 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSI Kombustor 2.5.9 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.021 - MSI)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Revit 2016 (Version: 16.0.428.0 - Autodesk) Hidden
Revit Content Libraries 2016 (Version: 16.0.428.0 - Autodesk) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Unchecky v1.0.1 (HKLM-x32\...\Unchecky) (Version: 1.0.1 - RaMMicHaeL)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ryan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-868973554-806322924-1075547668-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02487989-C52C-4D33-A6D8-A62F1B1C28DF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {52B15616-30F8-46FD-AD8D-F2150563E29F} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-01-27] (McAfee, Inc.)
Task: {583D40CB-4B24-47C4-878A-479E5D88D45B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-07-07] (McAfee, Inc.)
Task: {644956A6-CF7B-4C8D-A37E-FFF74FB73656} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-17] (Google Inc.)
Task: {681EB85C-FF5A-4F32-B8AA-E7FE2D3E0DD1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-17] (Google Inc.)
Task: {6EB3E0FA-60E4-42E3-8D26-60623584C282} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-A6RCKOD-Ryan DESKTOP-A6RCKOD => C:\Program Files\Microsoft Office\Office15\MsoSync.exe
Task: {74E77808-6990-4AB4-8E28-85E7AF5398C1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-05] (Microsoft Corporation)
Task: {99CB7F4C-AC93-4010-8C11-685106391E0F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {A3B07E39-1874-4921-861B-B885F0EB89DC} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {AE7FF614-B27D-4F45-8E7F-B70AD6713C90} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B06CB1C1-BC5B-4A2F-9AA6-20BA78EB2E76} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {BA652388-2F6A-4B4E-A4EA-E675C36EA1B9} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-01-27] (McAfee, Inc.)
Task: {CF9D793A-6D6D-4F54-8122-97166BBDC811} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Ryan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-22] (Microsoft Corporation)
Task: {DDA8ECD5-7230-448B-9D87-78F69B750146} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {E481C995-D7B8-4954-9E81-453E6F2FAB07} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-05] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Ryan\AppData\Local\751c12\230b29.lnk -> C:\Users\Ryan\AppData\Local\751c12\ed6901.bat (No File)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-08-18 23:20 - 2015-07-14 22:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-08-18 23:19 - 2015-08-11 05:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-18 23:19 - 2016-08-03 01:44 - 02495776 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-08-18 23:19 - 2016-08-03 01:44 - 02495776 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-08-22 20:46 - 2016-08-22 20:46 - 01864384 _____ () C:\Users\Ryan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-09-05 19:18 - 2016-09-05 19:18 - 08921800 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-08-18 23:17 - 2015-09-17 01:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2016-08-18 23:20 - 2016-08-03 00:34 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-18 23:20 - 2015-11-25 00:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-18 23:20 - 2016-08-03 00:31 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-18 23:20 - 2015-09-17 01:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2016-08-18 20:45 - 2016-08-18 20:45 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-18 20:45 - 2016-08-18 20:45 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-18 20:45 - 2016-08-18 20:45 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-07-28 15:32 - 2016-07-28 15:32 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-08-20 16:37 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-09-05 19:19 - 2016-09-05 19:19 - 08921800 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 

==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-868973554-806322924-1075547668-1002\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 

==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 07:04 - 2016-09-09 19:23 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
 
There are 4 more lines.
 

==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-868973554-806322924-1075547668-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 

==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{39BDBC23-656C-4378-A970-5E9B6606822F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{39E2CB76-C665-4615-871E-B6EA9F2BB9B9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F54EA869-89A8-4292-80A4-D956B2B48A98}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C60DDCB0-E6C4-42F4-9E93-14F9ED88F1EC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{ED0A2ECF-8860-4457-8947-FD0F33D05554}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
 
==================== Restore Points =========================
 
30-08-2016 23:51:22 End of disinfection
08-09-2016 21:04:34 Scheduled Checkpoint
09-09-2016 19:31:08 JRT Pre-Junkware Removal
 
==================== Faulty Device Manager Devices =============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 

==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/09/2016 08:01:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 1.0.1607.22006 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 20d8
 
Start Time: 01d20af50707b59d
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
 
Report Id: b37bc383-76e9-11e6-9bdd-408d5c7291e8
 
Faulting package full name: Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
Error: (09/09/2016 07:31:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (09/09/2016 07:14:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.10240.16384, time stamp: 0x559f38cb
Faulting module name: MosHostCore.dll, version: 10.0.10240.17071, time stamp: 0x57a1746d
Exception code: 0xc0000005
Fault offset: 0x00000000000096f2
Faulting process id: 0xfb4
Faulting application start time: 0x01d20a8b37a8b3c7
Faulting application path: C:\Windows\System32\svchost.exe
Faulting module path: C:\Windows\System32\MosHostCore.dll
Report Id: d1101b0e-ae1a-43ce-8b27-60e73893b28a
Faulting package full name:
Faulting package-relative application ID:
 
Error: (09/08/2016 09:04:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (09/08/2016 08:52:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-A6RCKOD.local already in use; will try DESKTOP-A6RCKOD-2.local instead
 
Error: (09/08/2016 08:52:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister    4 DESKTOP-A6RCKOD.local. Addr 192.168.0.13
 
Error: (09/08/2016 08:52:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.13:5353   16 DESKTOP-A6RCKOD.local. AAAA 2601:0840:8102:3430:31FC:95BA:560E:7CBE
 
Error: (09/08/2016 03:33:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-A6RCKOD)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (09/08/2016 03:33:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-A6RCKOD)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (09/08/2016 12:18:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.10240.16384, time stamp: 0x559f38cb
Faulting module name: MosHostCore.dll, version: 10.0.10240.17071, time stamp: 0x57a1746d
Exception code: 0xc0000005
Fault offset: 0x00000000000096f2
Faulting process id: 0x2938
Faulting application start time: 0x01d209880a2945f0
Faulting application path: C:\Windows\System32\svchost.exe
Faulting module path: C:\Windows\System32\MosHostCore.dll
Report Id: 81f82093-0a60-4427-9f78-f84f0ead22d8
Faulting package full name:
Faulting package-relative application ID:
 

System errors:
=============
Error: (09/10/2016 07:34:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.
 
Error: (09/09/2016 07:31:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/09/2016 07:22:41 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5
 
Error: (09/09/2016 07:22:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device Service service failed to start due to the following error:
The pipe has been ended.
 
Error: (09/09/2016 07:22:05 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Diagnostics Tracking Service service did not shut down properly after receiving a preshutdown control.
 
Error: (09/09/2016 07:21:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Group Policy Client service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/09/2016 07:21:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Group Policy Client service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/09/2016 07:21:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session6 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (09/09/2016 07:21:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/09/2016 07:21:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 

==================== Memory info ===========================
 
Processor: Intel® Core™ i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 33%
Total physical RAM: 8144.67 MB
Available physical RAM: 5403.79 MB
Total Virtual: 9424.67 MB
Available Virtual: 6591.96 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.02 GB) (Free:880.74 GB) NTFS
Drive e: () (Removable) (Total:1.92 GB) (Free:1.92 GB) FAT
Drive f: () (Removable) (Total:7.6 GB) (Free:7.16 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 63D94302)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 7.6 GB) (Disk ID: E766A8CF)
Partition 1: (Not Active) - (Size=7.6 GB) - (Type=0B)
 
========================================================
Disk: 2 (Size: 1.9 GB) (Disk ID: 00EFCBF0)
Partition 1: (Active) - (Size=1.9 GB) - (Type=06)
 
==================== End of Addition.txt ============================


  • 0

#7
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
Thanks for those logs, I'll review. In the mean time,

Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the logfile button and the log will open in Notepad.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • The report will be saved in the C:\AdwCleaner folder.

    Next

    Please download Junkware Removal Tool to your Desktop.
    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    Next

  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that that all Threats are selected, and click Remove Selected.
  • Reboot your computer if prompted.

    Posting the Malwarebytes log.

    [list]
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • post that saved log to your next reply.

    In your next reply post;
  • The AdwCleaner [C1].txt Log
  • The JRT.txt Log
  • Malwarebyteslog






  • 0

#8
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
 
# AdwCleaner v6.010 - Logfile created 11/09/2016 at 02:13:08
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-09-10.1 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Ryan - DESKTOP-A6RCKOD
# Running from : C:\Users\Ryan\Downloads\adwcleaner_6.010.exe
# Mode: Clean
# Support : https://toolslib.net/forum
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
 
 
***** [ Files ] *****
 
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
 
 
***** [ Web browsers ] *****
 
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [1060 Bytes] - [09/09/2016 19:21:20]
C:\AdwCleaner\AdwCleaner[C2].txt - [816 Bytes] - [11/09/2016 02:13:08]
C:\AdwCleaner\AdwCleaner[S0].txt - [1283 Bytes] - [09/09/2016 19:20:38]
C:\AdwCleaner\AdwCleaner[S1].txt - [1281 Bytes] - [11/09/2016 02:12:16]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1034 Bytes] ##########


  • 0

#9
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by Ryan (Administrator) on Sun 09/11/2016 at  2:50:57.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 

File System: 0
 
 
 

Registry: 1
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{85F4FD30-6678-48CB-AA0B-8055550F3547} (Registry Key)
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 09/11/2016 at  2:52:43.05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  • 0

#10
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by Ryan (Administrator) on Sun 09/11/2016 at  2:50:57.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 

File System: 0
 
 
 

Registry: 1
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{85F4FD30-6678-48CB-AA0B-8055550F3547} (Registry Key)
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 09/11/2016 at  2:52:43.05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  • 0

Advertisements


#11
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/11/2016
Scan Time: 2:57 AM
Logfile: mbam.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.09.11.03
Rootkit Database: v2016.08.15.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Ryan
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 313857
Time Elapsed: 9 min, 48 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 

(end)


  • 0

#12
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
Hello,

Download the enclosed => Attached File  fixlist.txt   3.08KB   49 downloads Save it in the location FRST64 is. Run FRST and click on the Fix button. Wait until finished.

The tool will make a log in the location FRST is, (Fixlog.txt). Please post it to your reply.
  • 0

#13
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-09-2016
Ran by Ryan (13-09-2016 17:44:23) Run:1
Running from C:\Users\Ryan\Downloads
Loaded Profiles: Ryan (Available Profiles: Ryan)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
2016-08-23 13:02 - 2016-08-23 13:02 - 00049672 _____ C:\Users\Ryan\AppData\Local\fbbwudfn.jy
2016-08-23 13:02 - 2016-08-23 13:02 - 00012228 _____ C:\Users\Ryan\AppData\Local\gchbgoka
2016-08-21 17:19 - 2016-08-21 17:19 - 00049672 _____ C:\Users\Ryan\AppData\Roaming\opoweeai.drh
2016-08-21 17:19 - 2016-08-21 17:19 - 00009994 _____ C:\Users\Ryan\AppData\Roaming\rowgleru
2016-08-20 20:44 - 2016-08-21 13:19 - 00000000 ____D C:\ProgramData\RevitInterProcess
2016-08-20 20:43 - 2016-08-20 20:43 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-08-19 22:14 - 2016-08-29 10:57 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\BrowserMe
2016-08-19 22:14 - 2016-08-29 10:54 - 00000656 ____H C:\ProgramData\@system3.att
2016-08-19 22:14 - 2016-08-19 22:14 - 00000480 ____H C:\Users\Ryan\AppData\Roaming\½Ó
2016-08-19 21:59 - 2016-08-29 10:57 - 00000000 ____D C:\Users\Ryan\AppData\Local\AXworks
2016-08-19 21:58 - 2016-08-20 16:36 - 00003998 _____ C:\Users\Ryan\AppData\Roaming\HandfulTupik.BVV
2016-08-19 18:03 - 2016-08-19 18:03 - 00003748 _____ C:\Users\Ryan\AppData\Roaming\juncture.txn
2016-08-19 18:03 - 2016-08-19 18:03 - 00000250 _____ C:\Users\Ryan\AppData\Roaming\ecbolic.xnm
C:\ProgramData\@000001.dat
C:\Users\Ryan\AppData\Local\Temp\libeay32.dll
C:\Users\Ryan\AppData\Local\Temp\msvcr120.dll
C:\Users\Ryan\AppData\Local\Temp\sqlite3.dll
C:\Users\Ryan\AppData\Local\751c12\ed6901.bat (No File)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
*****************
 
Processes closed successfully.
Restore point was successfully created.
C:\Users\Ryan\AppData\Local\fbbwudfn.jy => moved successfully
C:\Users\Ryan\AppData\Local\gchbgoka => moved successfully
C:\Users\Ryan\AppData\Roaming\opoweeai.drh => moved successfully
C:\Users\Ryan\AppData\Roaming\rowgleru => moved successfully
C:\ProgramData\RevitInterProcess => moved successfully
C:\ProgramData\boost_interprocess => moved successfully
C:\Users\Ryan\AppData\Roaming\BrowserMe => moved successfully
C:\ProgramData\@system3.att => moved successfully
"C:\Users\Ryan\AppData\Roaming\½Ó" => not found.
C:\Users\Ryan\AppData\Local\AXworks => moved successfully
C:\Users\Ryan\AppData\Roaming\HandfulTupik.BVV => moved successfully
C:\Users\Ryan\AppData\Roaming\juncture.txn => moved successfully
C:\Users\Ryan\AppData\Roaming\ecbolic.xnm => moved successfully
C:\ProgramData\@000001.dat => moved successfully
C:\Users\Ryan\AppData\Local\Temp\libeay32.dll => moved successfully
C:\Users\Ryan\AppData\Local\Temp\msvcr120.dll => moved successfully
C:\Users\Ryan\AppData\Local\Temp\sqlite3.dll => moved successfully
"C:\Users\Ryan\AppData\Local\751c12\ed6901.bat (No File)" => not found.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcapexe" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfeaack" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfeavfk" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefire" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfemms" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfevtp" => key removed successfully
 
========= bitsadmin /reset /allusers =========
 

BITSADMIN version 3.0 [ 7.8.10240 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 

========= netsh winsock reset catalog =========
 

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 

========= End of CMD: =========
 
 

========= ipconfig /flushdns =========
 

Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 

========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-868973554-806322924-1075547668-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-868973554-806322924-1075547668-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 

========= End of RemoveProxy: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 313683 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11769139 B
Java, Flash, Steam htmlcache => 1925 B
Windows/system/drivers => 1611650 B
Edge => 1014767429 B
Chrome => 464356232 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 481 B
systemprofile32 => 128 B
LocalService => 2450 B
NetworkService => 0 B
Ryan => 54464525 B
 
RecycleBin => 191353 B
EmptyTemp: => 1.4 GB temporary data Removed.
 
================================
 

The system needed a reboot.
 
==== End of Fixlog 17:46:49 ====


  • 0

#14
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
Is there anything left of the Chrome browser on the machine ?

Is there a Chrome folder in programs files ?

When you first uninstalled chrome did you do this below:
When asked about user data or settings you did you remove that ?

I think its important to get everything off the computer related to Chrome including the Chrome installer you're currently using and start fresh.
  • 0

#15
rlives16

rlives16

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

There is a Google folder in program files but it does not have anything in it.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP