I've not really got any very specific issues like I have before when I've got malware just a few oddities that I've noticed and my computer is running really slowly. Startup takes an age and all popups that do appear always have the tripadvisor logo in the corner. I also have noticed that flash player won't load on anything now, even though I've installed it multiple times. When I'm watching videos online after a while they start to become very jerky (not buffering) just moving one frame at a time sometimes, then playing for 5 seconds then repeat.
Any hints on getting rid of chromium would be great too.
Running 64bit Windows 10.
Thanks in Advance.
Here's my Farbar log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Rich (administrator) on BERT (12-04-2017 09:34:22)
Running from C:\Users\Rich\Desktop
Loaded Profiles: Rich (Available Profiles: Rich)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files\TrueColor\TrueColorALS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.9.829.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Entertainment Experience) C:\Program Files\TrueColor\TrueColorUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(EuroTech AE Co.,Ltd.) C:\Program Files (x86)\Video Call Recorder for Facebook\streamchannel.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-03] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8712960 2015-10-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MA3Firmware] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-23] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-10-28] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5773640 2013-08-23] (Dell Inc.)
HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [18785776 2014-04-30] (Entertainment Experience)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-25] (Microsoft Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28329912 2017-04-06] (Dropbox, Inc.)
HKLM\...\RunOnce: [NvGFExperience] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe [1067064 2016-06-15] (NVIDIA Corporation)
HKLM-x32\...\RunOnce: [Natesug] => C:\WINDOWS\SysWoW64\wscript.exe /E:vbscript /B "C:\Users\Rich\AppData\Roaming\Heginab"
HKLM-x32\...\RunOnce: [Hebobata] => C:\WINDOWS\SysWoW64\wscript.exe /E:vbscript /B "C:\Users\Rich\AppData\Roaming\Pakunapuci"
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\Run: [Facebook Update] => C:\Users\Rich\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-24] (Facebook Inc.)
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\Run: [streamchannel] => C:\Program Files (x86)\Video Call Recorder for Facebook\streamchannel.exe [1748992 2014-08-15] (EuroTech AE Co.,Ltd.)
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7744568 2016-02-02] (GOG.com)
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\Run: [Chromium] => c:\users\rich\appdata\local\chromium\application\chrome.exe [1035264 2016-03-17] (The Chromium Authors)
HKU\S-1-5-18\...\Run: [] => [X]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
GroupPolicy: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{605eee11-6154-4ad4-954a-c8f60f95dbd1}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-2de54773
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-2de54773
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-2de54773
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> DefaultScope {AE4D2230-7F89-4110-8671-AE3A9C1B34B5} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_254016dc6fd1d62588¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITwrQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8wVQ3vqYXwVRdJqYVvFM4J6IWwVNdIWYWvmk4ICIVNVM9GqYVNUI3wGYGwVM3vmIYvFI9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVNdJ6oXvFI9JaYXvFM9I6oVwVI4J6oWwVxdIqYXwVM9JmISwVVdJ6k4vmo9I6oWNVA3vCk3wVJdISoUNVJdJaYTNVBdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVQ9JCIWNVBdJaYVvFI4JmISvmo9J6k4NVE9I6oUvFE9ISIWwVw3vmoWNVRdICISvFE9JaYXvmo3vCIXNVE3vCoUvFFdImIYNoU9GqYYNVc3wCoUwV5cJqQzNEBcEWUGNF43wCIWwVM4ISIVwVJoNqAqxrFaIWN4LWF4MWRcLXFbMnVoN9I4ATsux81cM81dNo0gzDRoNqAex807ACRoN9JcNX5dQGR7y6NoN9ICzD4py6waQGQXNGZoNpQRy78o¶m2=NGN6NWFbMqx4Md%3D%3D&p={searchTerms}
SearchScopes: HKLM -> {AE4D2230-7F89-4110-8671-AE3A9C1B34B5} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_254016dc6fd1d62588¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITwrQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8wVQ3vqYXwVRdJqYVvFM4J6IWwVNdIWYWvmk4ICIVNVM9GqYVNUI3wGYGwVM3vmIYvFI9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVNdJ6oXvFI9JaYXvFM9I6oVwVI4J6oWwVxdIqYXwVM9JmISwVVdJ6k4vmo9I6oWNVA3vCk3wVJdISoUNVJdJaYTNVBdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVQ9JCIWNVBdJaYVvFI4JmISvmo9J6k4NVE9I6oUvFE9ISIWwVw3vmoWNVRdICISvFE9JaYXvmo3vCIXNVE3vCoUvFFdImIYNoU9GqYYNVc3wCoUwV5cJqQzNEBcEWUGNF43wCIWwVM4ISIVwVJoNqAqxrFaIWN4LWF4MWRcLXFbMnVoN9I4ATsux81cM81dNo0gzDRoNqAex807ACRoN9JcNX5dQGR7y6NoN9ICzD4py6waQGQXNGZoNpQRy78o¶m2=NGN6NWFbMqx4Md%3D%3D&p={searchTerms}
SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-3a149f73&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_254016dc6fd1d62588¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITwrQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8wVQ3vqYXwVRdJqYVvFM4J6IWwVNdIWYWvmk4ICIVNVM9GqYVNUI3wGYGwVM3vmIYvFI9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVNdJ6oXvFI9JaYXvFM9I6oVwVI4J6oWwVxdIqYXwVM9JmISwVVdJ6k4vmo9I6oWNVA3vCk3wVJdISoUNVJdJaYTNVBdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVQ9JCIWNVBdJaYVvFI4JmISvmo9J6k4NVE9I6oUvFE9ISIWwVw3vmoWNVRdICISvFE9JaYXvmo3vCIXNVE3vCoUvFFdImIYNoU9GqYYNVc3wCoUwV5cJqQzNEBcEWUGNF43wCIWwVM4ISIVwVJoNqAqxrFaIWN4LWF4MWRcLXFbMnVoN9I4ATsux81cM81dNo0gzDRoNqAex807ACRoN9JcNX5dQGR7y6NoN9ICzD4py6waQGQXNGZoNpQRy78o¶m2=NGN6NWFbMqx4Md%3D%3D&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_254016dc6fd1d62588¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITwrQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8wVQ3vqYXwVRdJqYVvFM4J6IWwVNdIWYWvmk4ICIVNVM9GqYVNUI3wGYGwVM3vmIYvFI9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVNdJ6oXvFI9JaYXvFM9I6oVwVI4J6oWwVxdIqYXwVM9JmISwVVdJ6k4vmo9I6oWNVA3vCk3wVJdISoUNVJdJaYTNVBdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVQ9JCIWNVBdJaYVvFI4JmISvmo9J6k4NVE9I6oUvFE9ISIWwVw3vmoWNVRdICISvFE9JaYXvmo3vCIXNVE3vCoUvFFdImIYNoU9GqYYNVc3wCoUwV5cJqQzNEBcEWUGNF43wCIWwVM4ISIVwVJoNqAqxrFaIWN4LWF4MWRcLXFbMnVoN9I4ATsux81cM81dNo0gzDRoNqAex807ACRoN9JcNX5dQGR7y6NoN9ICzD4py6waQGQXNGZoNpQRy78o¶m2=NGN6NWFbMqx4Md%3D%3D&p={searchTerms}
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-3a149f73&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2378730425-1505431104-4289691418-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_254016dc6fd1d62588¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITwrQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8wVQ3vqYXwVRdJqYVvFM4J6IWwVNdIWYWvmk4ICIVNVM9GqYVNUI3wGYGwVM3vmIYvFI9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVNdJ6oXvFI9JaYXvFM9I6oVwVI4J6oWwVxdIqYXwVM9JmISwVVdJ6k4vmo9I6oWNVA3vCk3wVJdISoUNVJdJaYTNVBdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVQ9JCIWNVBdJaYVvFI4JmISvmo9J6k4NVE9I6oUvFE9ISIWwVw3vmoWNVRdICISvFE9JaYXvmo3vCIXNVE3vCoUvFFdImIYNoU9GqYYNVc3wCoUwV5cJqQzNEBcEWUGNF43wCIWwVM4ISIVwVJoNqAqxrFaIWN4LWF4MWRcLXFbMnVoN9I4ATsux81cM81dNo0gzDRoNqAex807ACRoN9JcNX5dQGR7y6NoN9ICzD4py6waQGQXNGZoNpQRy78o¶m2=NGN6NWFbMqx4Md%3D%3D&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2378730425-1505431104-4289691418-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_254016dc6fd1d62588¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITwrQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8wVQ3vqYXwVRdJqYVvFM4J6IWwVNdIWYWvmk4ICIVNVM9GqYVNUI3wGYGwVM3vmIYvFI9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI9ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVNdJ6oXvFI9JaYXvFM9I6oVwVI4J6oWwVxdIqYXwVM9JmISwVVdJ6k4vmo9I6oWNVA3vCk3wVJdISoUNVJdJaYTNVBdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVQ9JCIWNVBdJaYVvFI4JmISvmo9J6k4NVE9I6oUvFE9ISIWwVw3vmoWNVRdICISvFE9JaYXvmo3vCIXNVE3vCoUvFFdImIYNoU9GqYYNVc3wCoUwV5cJqQzNEBcEWUGNF43wCIWwVM4ISIVwVJoNqAqxrFaIWN4LWF4MWRcLXFbMnVoN9I4ATsux81cM81dNo0gzDRoNqAex807ACRoN9JcNX5dQGR7y6NoN9ICzD4py6waQGQXNGZoNpQRy78o¶m2=NGN6NWFbMqx4Md%3D%3D&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2378730425-1505431104-4289691418-1001 -> {ielnksrch} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-3a149f73&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08] (Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08] (Intel Security)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-09-23] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-09-23] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: 1yxbpzh6.default
FF ProfilePath: C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\1yxbpzh6.default [2016-10-02]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\1yxbpzh6.default -> Search Provided by Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\1yxbpzh6.default -> Search Provided by Bing
FF NewTab: Mozilla\Firefox\Profiles\1yxbpzh6.default -> about:newtab
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\1yxbpzh6.default -> Secure Search
FF Keyword.URL: Mozilla\Firefox\Profiles\1yxbpzh6.default -> user_pref("keyword.URL", true);
FF Homepage: Mozilla\Firefox\Profiles\1yxbpzh6.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-3a149f73
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-02-14]
FF SearchPlugin: C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\1yxbpzh6.default\searchplugins\search provided by bing.xml [2016-10-02]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-07-23] [not signed]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-03-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-12] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-12] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-12] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2378730425-1505431104-4289691418-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Rich\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.bbc.co.uk/sport
CHR NewTab: Default -> Active:"chrome-extension://cfagdeeehccgcioahcpipbilldmnipen/newtab-init.html"
CHR DefaultSearchURL: Default -> hxxps://www.ecosia.org/search?q={searchTerms}&addon=opensearch
CHR DefaultSearchKeyword: Default -> ecosia.org
CHR DefaultSuggestURL: Default -> hxxps://ac.ecosia.org/autocomplete?q={searchTerms}&type=list
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default [2017-04-12]
CHR Extension: (Google Docs) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Universal Search Tab) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfagdeeehccgcioahcpipbilldmnipen [2016-11-07]
CHR Extension: (Adblock Plus) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-23]
CHR Extension: (Ecosia - The search engine that plants trees) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\clellnciejhoedgepbdilbkdkaoecgpc [2017-02-04]
CHR Extension: (Google Search) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Context Search) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmnfenkefdfainompfoaahgkmlejmilb [2016-07-01]
CHR Extension: (Cashback Notifier - TopCashback) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekeeeebmbhkkjcaoicinbdjmklipppkj [2016-01-23]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-04-01]
CHR Extension: (Google Docs Offline) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (StumbleUpon) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2016-11-07]
CHR Extension: (Skype) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-12]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-11-07]
CHR Extension: (Google Mail Checker) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-08-19]
CHR Extension: (Backspace to go Back) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlffgllnjjkheddehpolbanogdeaogbc [2016-08-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Gmail) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-26] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-04-06] (Dropbox, Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-12-13] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-12-13] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115632 2013-08-03] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148688 2013-08-03] (Intel Corporation)
S2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124880 2013-08-03] (Intel Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2016-02-02] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-02-02] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-10-28] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-28] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel® Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-03-27] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-09-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-06-23] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-14] (Electronic Arts)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-10-23] (Realtek Semiconductor)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [32728 2017-03-20] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263264 2017-02-16] (Synaptics Incorporated)
R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [89072 2014-04-30] ()
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-02-06] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [78632 2016-04-27] (McAfee, Inc.)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32352 2016-10-13] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [143568 2013-08-03] (Intel Corporation)
R3 DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [76432 2013-08-03] (Intel Corporation)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-03] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-03] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494272 2013-08-03] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation)
R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [20192 2013-09-09] (Intel Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419616 2016-04-27] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-04-27] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-04-27] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [493352 2016-04-27] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-04-27] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243488 2016-04-27] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72288 2017-02-16] (Synaptics Incorporated)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-04-12 09:34 - 2017-04-12 09:35 - 00044625 _____ C:\Users\Rich\Desktop\FRST.txt
2017-04-12 09:32 - 2017-04-12 09:34 - 00000000 ____D C:\FRST
2017-04-12 09:32 - 2017-04-12 09:32 - 02424832 _____ (Farbar) C:\Users\Rich\Desktop\FRST64.exe
2017-04-11 22:39 - 2016-06-15 02:12 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-04-11 22:36 - 2016-04-14 06:38 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-04-09 09:31 - 2017-04-09 09:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-06 17:57 - 2017-04-06 17:57 - 00046408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-03-24 20:50 - 2017-03-24 20:50 - 00000000 __HDC C:\ProgramData\{042448DA-1440-41DE-BC4B-7C215005F4ED}
2017-03-24 20:49 - 2017-03-24 20:49 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2017-03-22 18:47 - 2017-03-22 18:47 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-03-22 18:47 - 2017-03-22 18:47 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-03-22 18:47 - 2017-03-22 18:47 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-03-21 22:59 - 2017-03-21 22:59 - 03794620 _____ C:\Users\Rich\Desktop\nps65-090215-02.pdf
2017-03-21 22:21 - 2017-03-21 22:22 - 03794620 _____ C:\Users\Rich\Downloads\nps65-090215-02.pdf
2017-03-18 03:35 - 2017-04-11 14:47 - 00004650 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-03-18 01:47 - 2017-03-18 03:38 - 00000000 ____D C:\Users\Rich\Downloads\Prolapse Party
2017-03-18 01:40 - 2017-03-18 01:41 - 00000000 ____D C:\Users\Rich\Downloads\ProlapseParty - Prolapse Party Pack
2017-03-14 22:03 - 2017-03-04 08:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-14 22:03 - 2017-03-04 08:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-14 22:03 - 2017-03-04 08:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-14 22:03 - 2017-03-04 08:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-14 22:03 - 2017-03-04 08:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-14 22:03 - 2017-03-04 08:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-14 22:03 - 2017-03-04 08:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-14 22:03 - 2017-03-04 08:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-14 22:03 - 2017-03-04 08:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-14 22:03 - 2017-03-04 08:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-14 22:03 - 2017-03-04 08:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-14 22:03 - 2017-03-04 08:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-14 22:03 - 2017-03-04 08:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-14 22:03 - 2017-03-04 08:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-14 22:03 - 2017-03-04 08:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-14 22:03 - 2017-03-04 08:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-14 22:03 - 2017-03-04 07:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-14 22:03 - 2017-03-04 07:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-14 22:03 - 2017-03-04 07:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-14 22:03 - 2017-03-04 07:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-14 22:03 - 2017-03-04 07:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-14 22:03 - 2017-03-04 07:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-14 22:03 - 2017-03-04 07:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-14 22:03 - 2017-03-04 07:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-14 22:03 - 2017-03-04 07:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-14 22:03 - 2017-03-04 07:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-14 22:03 - 2017-03-04 07:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-14 22:03 - 2017-03-04 07:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-14 22:03 - 2017-03-04 07:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-14 22:03 - 2017-03-04 07:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-14 22:03 - 2017-03-04 07:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-14 22:03 - 2017-03-04 07:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-14 22:03 - 2017-03-04 07:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-03-14 22:03 - 2017-03-04 07:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-14 22:03 - 2017-03-04 07:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-14 22:03 - 2017-03-04 07:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-14 22:03 - 2017-03-04 07:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-14 22:03 - 2017-03-04 07:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-14 22:03 - 2017-03-04 07:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-14 22:03 - 2017-03-04 07:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-14 22:03 - 2017-03-04 07:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-14 22:03 - 2017-03-04 07:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-14 22:03 - 2017-03-04 07:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-14 22:03 - 2017-03-04 07:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-14 22:03 - 2017-03-04 07:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-14 22:03 - 2017-03-04 07:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-14 22:03 - 2017-03-04 07:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-14 22:03 - 2017-03-04 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-14 22:03 - 2017-03-04 07:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-03-14 22:03 - 2017-03-04 07:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-14 22:03 - 2017-03-04 07:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-14 22:03 - 2017-03-04 07:31 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-14 22:03 - 2017-03-04 07:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-14 22:03 - 2017-03-04 07:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-14 22:03 - 2017-03-04 07:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-14 22:03 - 2017-03-04 07:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-14 22:03 - 2017-03-04 07:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-14 22:03 - 2017-03-04 07:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-14 22:03 - 2017-03-04 07:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-14 22:03 - 2017-03-04 07:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-14 22:03 - 2017-03-04 07:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-14 22:03 - 2017-03-04 07:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-14 22:03 - 2017-03-04 07:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-14 22:03 - 2017-03-04 07:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-14 22:03 - 2017-03-04 07:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-14 22:03 - 2017-03-04 07:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-14 22:03 - 2017-03-04 07:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-14 22:03 - 2017-03-04 07:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-14 22:03 - 2017-03-04 07:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-14 22:03 - 2017-03-04 07:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-14 22:03 - 2017-03-04 07:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-14 22:03 - 2017-03-04 07:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-14 22:03 - 2017-03-04 07:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-14 22:03 - 2017-03-04 07:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-14 22:03 - 2017-03-04 07:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-14 22:03 - 2017-03-04 07:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-14 22:03 - 2017-03-04 07:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-14 22:03 - 2017-03-04 07:27 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-03-14 22:03 - 2017-03-04 07:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-14 22:03 - 2017-03-04 07:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-14 22:03 - 2017-03-04 07:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-14 22:03 - 2017-03-04 07:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-03-14 22:03 - 2017-03-04 07:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-14 22:03 - 2017-03-04 07:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-14 22:03 - 2017-03-04 07:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-14 22:03 - 2017-03-04 07:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-14 22:03 - 2017-03-04 07:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-14 22:03 - 2017-03-04 07:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-14 22:03 - 2017-03-04 07:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-14 22:03 - 2017-03-04 07:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-14 22:03 - 2017-03-04 07:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-14 22:03 - 2017-03-04 07:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-14 22:03 - 2017-03-04 07:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-14 22:03 - 2017-03-04 07:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-14 22:03 - 2017-03-04 07:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-14 22:03 - 2017-03-04 07:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-14 22:03 - 2017-03-04 07:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-14 22:03 - 2017-03-04 07:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-14 22:03 - 2017-03-04 07:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-14 22:03 - 2017-03-04 07:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-14 22:03 - 2017-03-04 07:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-14 22:03 - 2017-03-04 07:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-14 22:03 - 2017-03-04 07:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-14 22:03 - 2017-03-04 07:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-14 22:03 - 2017-03-04 07:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-14 22:03 - 2017-03-04 07:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-14 22:03 - 2017-03-04 07:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-14 22:03 - 2017-03-04 07:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-14 22:03 - 2017-03-04 07:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-14 22:03 - 2017-03-04 07:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-14 22:03 - 2017-03-04 07:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-14 22:03 - 2017-03-04 07:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-14 22:03 - 2017-03-04 07:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-14 22:03 - 2017-03-04 07:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-14 22:03 - 2017-03-04 07:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-14 22:03 - 2017-03-04 07:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-14 22:03 - 2017-03-04 07:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-14 22:03 - 2017-03-04 07:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-14 22:03 - 2017-03-04 07:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-14 22:03 - 2017-03-04 07:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-14 22:03 - 2017-03-04 07:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-14 22:03 - 2017-03-04 07:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-14 22:03 - 2017-03-04 07:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-14 22:03 - 2017-03-04 07:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-14 22:03 - 2017-03-04 07:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-14 22:03 - 2017-03-04 07:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-14 22:03 - 2017-03-04 07:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-14 22:03 - 2017-03-04 07:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-14 22:03 - 2017-03-04 07:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-14 22:03 - 2017-03-04 07:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-14 22:03 - 2017-03-04 07:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-14 22:03 - 2017-03-04 07:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-14 22:03 - 2017-03-04 07:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-14 22:03 - 2017-03-04 07:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-14 22:03 - 2017-03-04 07:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-14 22:03 - 2017-03-04 07:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-14 22:03 - 2017-03-04 07:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-14 22:03 - 2017-03-04 07:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-14 22:03 - 2017-03-04 07:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-14 22:03 - 2017-03-04 07:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-14 22:03 - 2017-03-04 07:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-14 22:03 - 2017-03-04 07:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-14 22:03 - 2017-03-04 07:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-14 22:03 - 2017-03-04 07:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-14 22:03 - 2017-03-04 07:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-14 22:03 - 2017-03-04 07:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-14 22:03 - 2017-03-04 07:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-14 22:03 - 2017-03-04 07:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-14 22:03 - 2017-03-04 07:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-14 22:03 - 2017-03-04 07:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-14 22:03 - 2017-03-04 07:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-14 22:03 - 2017-03-04 07:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-14 22:03 - 2017-03-04 07:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-14 22:03 - 2017-03-04 07:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-14 22:03 - 2017-03-04 07:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-14 22:03 - 2017-03-04 07:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-14 22:03 - 2017-03-04 07:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-14 22:03 - 2017-03-04 07:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-14 22:03 - 2017-03-04 07:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-14 22:03 - 2017-03-04 07:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-14 22:03 - 2017-03-04 07:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-14 22:03 - 2017-03-04 07:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-14 22:03 - 2017-03-04 07:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-14 22:03 - 2017-03-04 07:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-14 22:03 - 2017-03-04 07:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-14 22:03 - 2017-03-04 07:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-14 22:03 - 2017-03-04 07:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-14 22:03 - 2017-03-04 07:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-14 22:03 - 2017-03-04 07:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-14 22:03 - 2017-03-04 07:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-14 22:03 - 2017-03-04 07:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-14 22:03 - 2017-03-04 07:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-14 22:03 - 2017-03-04 07:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-14 22:03 - 2017-03-04 07:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-14 22:03 - 2017-03-04 07:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-14 22:03 - 2017-03-04 07:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-14 22:03 - 2017-03-04 07:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-14 22:03 - 2017-03-04 07:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-14 22:03 - 2017-03-04 07:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-14 22:03 - 2017-03-04 07:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-14 22:03 - 2017-03-04 07:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-14 22:03 - 2017-03-04 07:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-14 22:03 - 2017-03-04 07:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-14 22:03 - 2017-03-04 07:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-14 22:03 - 2017-03-04 07:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-14 22:03 - 2017-03-04 07:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-14 22:03 - 2017-03-04 07:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-14 22:03 - 2017-03-04 07:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-14 22:03 - 2017-03-04 07:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-14 22:03 - 2017-03-04 07:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-14 22:03 - 2017-03-04 07:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-14 22:03 - 2017-03-04 07:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-14 22:03 - 2017-03-04 07:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-14 22:03 - 2017-03-04 07:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-14 22:03 - 2017-03-04 07:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-14 22:03 - 2017-03-04 07:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-14 22:03 - 2017-03-04 07:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-14 22:03 - 2017-03-04 07:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-14 22:03 - 2017-03-04 07:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-14 22:03 - 2017-03-04 07:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-14 22:03 - 2017-03-04 07:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-14 22:03 - 2017-03-04 07:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-14 22:03 - 2017-03-04 07:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-14 22:03 - 2017-03-04 07:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-03-14 22:03 - 2017-03-04 07:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-14 22:03 - 2017-03-04 07:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-03-14 22:03 - 2017-03-04 07:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-14 22:03 - 2017-03-04 07:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-14 22:03 - 2017-03-04 07:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-14 22:03 - 2017-03-04 07:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-14 22:03 - 2017-03-04 07:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-14 22:03 - 2017-03-04 07:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-14 22:03 - 2017-03-04 07:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-14 22:03 - 2017-03-04 07:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-14 22:03 - 2017-03-04 07:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-14 22:03 - 2017-03-04 07:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-14 22:03 - 2017-03-04 07:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-14 22:03 - 2017-03-04 07:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-14 22:03 - 2017-03-04 07:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-14 22:03 - 2017-03-04 07:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-14 22:03 - 2017-03-04 07:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-14 22:03 - 2017-03-04 07:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-14 22:03 - 2017-03-04 07:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-14 22:03 - 2017-03-04 07:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-14 22:03 - 2017-03-04 07:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-14 22:03 - 2017-03-04 07:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-14 22:03 - 2017-03-04 07:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-14 22:03 - 2017-03-04 07:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-14 22:03 - 2017-03-04 07:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-14 22:03 - 2017-03-04 07:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-14 22:03 - 2017-03-04 07:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-14 22:03 - 2017-03-04 07:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-14 22:03 - 2017-03-04 07:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-14 22:03 - 2017-03-04 07:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-03-14 22:03 - 2017-03-04 07:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-14 22:03 - 2017-03-04 07:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-14 22:03 - 2017-03-04 07:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-14 22:03 - 2017-03-04 07:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-14 22:03 - 2017-03-04 07:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-14 22:03 - 2017-03-04 07:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-14 22:03 - 2017-03-04 07:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-14 22:03 - 2017-03-04 07:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-14 22:03 - 2017-03-04 07:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-14 22:03 - 2017-03-04 07:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-14 22:03 - 2017-03-04 06:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-14 22:03 - 2017-03-04 06:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-14 22:03 - 2017-03-04 06:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-14 22:03 - 2017-03-04 06:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-14 22:03 - 2017-03-04 06:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-14 22:03 - 2017-03-04 06:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-14 22:03 - 2017-03-04 06:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-14 22:03 - 2017-02-22 03:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-14 22:02 - 2017-03-04 08:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-14 22:02 - 2017-03-04 08:35 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-14 22:02 - 2017-03-04 08:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-14 22:02 - 2017-03-04 08:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-14 22:02 - 2017-03-04 08:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-14 22:02 - 2017-03-04 08:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-14 22:02 - 2017-03-04 08:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-14 22:02 - 2017-03-04 08:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-14 22:02 - 2017-03-04 08:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-14 22:02 - 2017-03-04 08:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-14 22:02 - 2017-03-04 08:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-14 22:02 - 2017-03-04 08:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-14 22:02 - 2017-03-04 08:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-14 22:02 - 2017-03-04 08:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-14 22:02 - 2017-03-04 08:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-14 22:02 - 2017-03-04 08:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-14 22:02 - 2017-03-04 08:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-14 22:02 - 2017-03-04 08:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-14 22:02 - 2017-03-04 08:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-14 22:02 - 2017-03-04 08:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-14 22:02 - 2017-03-04 08:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-14 22:02 - 2017-03-04 08:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-14 22:02 - 2017-03-04 08:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-14 22:02 - 2017-03-04 08:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-14 22:02 - 2017-03-04 08:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-14 22:02 - 2017-03-04 08:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-14 22:02 - 2017-03-04 08:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-14 22:02 - 2017-03-04 08:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-14 22:02 - 2017-03-04 08:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-14 22:02 - 2017-03-04 08:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-14 22:02 - 2017-03-04 08:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-14 22:02 - 2017-03-04 08:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-14 22:02 - 2017-03-04 08:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-14 22:02 - 2017-03-04 08:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-14 22:02 - 2017-03-04 08:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-14 22:02 - 2017-03-04 08:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-14 22:02 - 2017-03-04 08:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-14 22:02 - 2017-03-04 08:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-14 22:02 - 2017-03-04 08:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-14 22:02 - 2017-03-04 08:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-14 22:02 - 2017-03-04 08:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-14 22:02 - 2017-03-04 08:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-14 22:02 - 2017-03-04 08:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-14 22:02 - 2017-03-04 08:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-14 22:02 - 2017-03-04 08:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-14 22:02 - 2017-03-04 08:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-14 22:02 - 2017-03-04 08:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-14 22:02 - 2017-03-04 08:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-14 22:02 - 2017-03-04 08:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-14 22:02 - 2017-03-04 08:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-14 22:02 - 2017-03-04 08:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-14 22:02 - 2017-03-04 07:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-14 22:02 - 2017-03-04 07:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-14 22:02 - 2017-03-04 07:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-03-14 22:02 - 2017-03-04 07:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-14 22:02 - 2017-03-04 07:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-14 22:02 - 2017-03-04 07:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-14 22:02 - 2017-03-04 07:36 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-14 22:02 - 2017-03-04 07:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-14 22:02 - 2017-03-04 07:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-14 22:02 - 2017-03-04 07:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-14 22:02 - 2017-03-04 07:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-14 22:02 - 2017-03-04 07:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-14 22:02 - 2017-03-04 07:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-14 22:02 - 2017-03-04 07:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-14 22:02 - 2017-03-04 07:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-14 22:02 - 2017-03-04 07:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-14 22:02 - 2017-03-04 07:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-14 22:02 - 2017-03-04 07:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-14 22:02 - 2017-03-04 07:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-14 22:02 - 2017-03-04 07:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-14 22:02 - 2017-03-04 07:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-14 22:02 - 2017-03-04 07:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-14 22:02 - 2017-03-04 07:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-14 22:02 - 2017-03-04 07:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-14 22:02 - 2017-03-04 07:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-14 22:02 - 2017-03-04 07:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-14 22:02 - 2017-03-04 07:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-14 22:02 - 2017-03-04 07:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-14 22:02 - 2017-03-04 07:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-14 22:02 - 2017-03-04 07:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-14 22:02 - 2017-03-04 07:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-14 22:02 - 2017-03-04 07:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-14 22:02 - 2017-03-04 07:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-14 22:02 - 2017-03-04 07:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-14 22:02 - 2017-03-04 07:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-14 22:02 - 2017-03-04 07:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-14 22:02 - 2017-03-04 07:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-14 22:02 - 2017-03-04 07:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-14 22:02 - 2017-03-04 07:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-14 22:02 - 2017-03-04 07:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-14 22:02 - 2017-03-04 07:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-14 22:02 - 2017-03-04 07:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-14 22:02 - 2017-03-04 07:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-14 22:02 - 2017-03-04 07:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-14 22:02 - 2017-03-04 07:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-14 22:02 - 2017-03-04 07:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-14 22:02 - 2017-03-04 07:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-14 22:02 - 2017-03-04 07:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-14 22:02 - 2017-03-04 07:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-14 22:02 - 2017-03-04 07:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-14 22:02 - 2017-03-04 07:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-14 22:02 - 2017-03-04 07:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-14 22:02 - 2017-03-04 07:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-14 22:02 - 2017-03-04 07:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-14 22:02 - 2017-03-04 07:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-14 22:02 - 2017-03-04 07:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-14 22:02 - 2017-03-04 07:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-14 22:02 - 2017-03-04 07:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-14 22:02 - 2017-03-04 07:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-14 22:02 - 2017-03-04 07:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-14 22:02 - 2017-03-04 07:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-14 22:02 - 2017-03-04 07:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-14 22:02 - 2017-03-04 07:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-14 22:02 - 2017-03-04 07:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-14 22:02 - 2017-03-04 07:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-14 22:02 - 2017-03-04 07:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-14 22:02 - 2017-03-04 07:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-14 22:02 - 2017-03-04 07:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-14 22:02 - 2017-03-04 07:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-14 22:02 - 2017-03-04 07:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-14 22:02 - 2017-03-04 07:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-14 22:02 - 2017-03-04 07:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-14 22:02 - 2017-03-04 07:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-14 22:02 - 2017-03-04 07:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-14 22:02 - 2017-03-04 07:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-14 22:02 - 2017-03-04 07:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-14 22:02 - 2017-03-04 07:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-14 22:02 - 2017-03-04 07:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-14 22:02 - 2017-03-04 07:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-14 22:02 - 2017-03-04 07:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-14 22:02 - 2017-03-04 07:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-14 22:02 - 2017-03-04 07:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-14 22:02 - 2017-03-04 07:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-14 22:02 - 2017-03-04 07:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-14 22:02 - 2017-03-04 07:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-14 22:02 - 2017-03-04 07:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-14 22:02 - 2017-03-04 07:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-14 22:02 - 2017-03-04 07:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-14 22:02 - 2017-03-04 07:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-14 22:02 - 2017-03-04 07:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-14 22:02 - 2017-03-04 07:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-14 22:02 - 2017-03-04 07:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-14 22:02 - 2017-03-04 07:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-14 22:02 - 2017-03-04 07:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-14 22:02 - 2017-03-04 07:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-14 22:02 - 2017-03-04 07:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-14 22:02 - 2017-03-04 07:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-14 22:02 - 2017-03-04 07:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-14 22:02 - 2017-03-04 07:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-14 22:02 - 2017-03-04 07:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-14 22:02 - 2017-03-04 07:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-14 22:02 - 2017-03-04 07:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-14 22:02 - 2017-03-04 07:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-14 22:02 - 2017-03-04 07:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-14 22:02 - 2017-03-04 07:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-14 22:02 - 2017-03-04 07:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-14 22:02 - 2017-03-04 07:19 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-14 22:02 - 2017-03-04 07:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-14 22:02 - 2017-03-04 07:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-14 22:02 - 2017-03-04 07:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-14 22:02 - 2017-03-04 07:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-14 22:02 - 2017-03-04 07:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-14 22:02 - 2017-03-04 07:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-14 22:02 - 2017-03-04 07:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-14 22:02 - 2017-03-04 07:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-14 22:02 - 2017-03-04 07:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-14 22:02 - 2017-03-04 07:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-14 22:02 - 2017-03-04 07:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-14 22:02 - 2017-03-04 07:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-14 22:02 - 2017-03-04 07:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-14 22:02 - 2017-03-04 07:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-14 22:02 - 2017-03-04 07:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-14 22:02 - 2017-03-04 07:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-14 22:02 - 2017-03-04 07:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-14 22:02 - 2017-03-04 07:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-14 22:02 - 2017-03-04 07:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-14 22:02 - 2017-03-04 07:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-14 22:02 - 2017-03-04 07:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-14 22:02 - 2017-03-04 07:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-14 22:02 - 2017-03-04 07:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-14 22:02 - 2017-03-04 07:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-14 22:02 - 2017-03-04 07:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-14 22:02 - 2017-03-04 07:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-14 22:02 - 2017-03-04 07:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-14 22:02 - 2017-03-04 07:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-14 22:02 - 2017-03-04 07:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-14 22:02 - 2017-03-04 07:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-14 22:02 - 2017-03-04 07:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-14 22:02 - 2017-03-04 07:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-14 22:02 - 2017-03-04 07:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-14 22:02 - 2017-03-04 07:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-14 22:02 - 2017-03-04 07:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-14 22:02 - 2017-03-04 07:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-14 22:02 - 2017-03-04 07:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-14 22:02 - 2017-03-04 07:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-14 22:02 - 2017-03-04 07:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-14 22:02 - 2017-03-04 07:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-14 22:02 - 2017-03-04 07:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-14 22:02 - 2017-03-04 07:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-14 22:02 - 2017-03-04 07:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-14 22:02 - 2017-03-04 07:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-14 22:02 - 2017-03-04 07:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-14 22:02 - 2017-03-04 07:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-14 22:02 - 2017-03-04 07:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-14 22:02 - 2017-03-04 07:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-14 22:02 - 2017-03-04 07:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-14 22:02 - 2017-03-04 07:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-14 22:02 - 2017-03-04 07:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-14 22:02 - 2017-03-04 07:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-03-14 22:02 - 2017-03-04 07:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-14 22:02 - 2017-03-04 07:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-14 22:02 - 2017-03-04 07:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-14 22:02 - 2017-03-04 07:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-14 22:02 - 2017-03-04 07:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-14 22:02 - 2017-03-04 07:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-14 22:02 - 2017-03-04 07:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-14 22:02 - 2017-03-04 07:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-14 22:02 - 2017-03-04 07:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-14 22:02 - 2017-03-04 07:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-14 22:02 - 2017-03-04 07:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-14 22:02 - 2017-03-04 07:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-14 22:02 - 2017-03-04 07:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-14 22:02 - 2017-03-04 07:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-14 22:02 - 2017-03-04 07:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-14 22:02 - 2017-03-04 07:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-14 22:02 - 2017-03-04 07:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-14 22:02 - 2017-03-04 07:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-14 22:02 - 2017-03-04 07:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-14 22:02 - 2017-03-04 07:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-14 22:02 - 2017-03-04 07:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-14 22:02 - 2017-03-04 07:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-14 22:02 - 2017-03-04 07:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-14 22:02 - 2017-03-04 07:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-14 22:02 - 2017-03-04 07:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-14 22:02 - 2017-03-04 07:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-14 22:02 - 2017-03-04 07:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-14 22:02 - 2017-03-04 07:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-14 22:02 - 2017-03-04 07:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-14 22:02 - 2017-03-04 07:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-14 22:02 - 2017-03-04 07:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-14 22:02 - 2017-03-04 07:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-14 22:02 - 2017-03-04 07:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-14 22:02 - 2017-03-04 07:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-14 22:02 - 2017-03-04 07:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-14 22:02 - 2017-03-04 07:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-14 22:02 - 2017-03-04 07:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-14 22:02 - 2017-03-04 07:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-14 22:02 - 2017-03-04 07:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-14 22:02 - 2017-03-04 07:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-14 22:02 - 2017-03-04 07:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-14 22:02 - 2017-03-04 07:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-14 22:02 - 2017-03-04 07:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-14 22:02 - 2017-03-04 07:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-14 22:02 - 2017-03-04 07:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-14 22:02 - 2017-03-04 07:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-14 22:02 - 2017-03-04 07:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-14 22:02 - 2017-03-04 07:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-14 22:02 - 2017-03-04 07:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-14 22:02 - 2017-03-04 07:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-14 22:02 - 2017-03-04 07:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-14 22:02 - 2017-03-04 07:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-14 22:02 - 2017-03-04 07:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-14 22:02 - 2017-03-04 07:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-14 22:02 - 2017-03-04 07:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-14 22:02 - 2017-03-04 07:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-14 22:02 - 2017-03-04 07:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-14 22:02 - 2017-03-04 07:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-14 22:02 - 2017-03-04 07:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-14 22:02 - 2017-03-04 07:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-14 22:02 - 2017-03-04 07:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-14 22:02 - 2017-03-04 07:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-14 22:02 - 2017-03-04 07:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-03-14 22:02 - 2016-07-16 03:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-14 22:02 - 2016-07-16 03:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-14 22:02 - 2016-07-16 03:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-14 22:01 - 2017-03-04 08:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-14 22:01 - 2017-03-04 08:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-14 22:01 - 2017-03-04 08:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-14 22:01 - 2017-03-04 08:35 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-14 22:01 - 2017-03-04 08:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-14 22:01 - 2017-03-04 08:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-14 22:01 - 2017-03-04 08:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-14 22:01 - 2017-03-04 08:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-14 22:01 - 2017-03-04 08:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-14 22:01 - 2017-03-04 08:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-14 22:01 - 2017-03-04 08:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-14 22:01 - 2017-03-04 08:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-14 22:01 - 2017-03-04 08:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-14 22:01 - 2017-03-04 08:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-14 22:01 - 2017-03-04 08:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-14 22:01 - 2017-03-04 08:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-14 22:01 - 2017-03-04 08:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-14 22:01 - 2017-03-04 08:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-14 22:01 - 2017-03-04 08:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-14 22:01 - 2017-03-04 08:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-14 22:01 - 2017-03-04 08:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-14 22:01 - 2017-03-04 08:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-14 22:01 - 2017-03-04 08:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-14 22:01 - 2017-03-04 08:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-03-14 22:01 - 2017-03-04 08:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-03-14 22:01 - 2017-03-04 08:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-14 22:01 - 2017-03-04 08:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-14 22:01 - 2017-03-04 08:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-14 22:01 - 2017-03-04 08:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-14 22:01 - 2017-03-04 08:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-14 22:01 - 2017-03-04 08:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-14 22:01 - 2017-03-04 08:03 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-14 22:01 - 2017-03-04 08:03 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-14 22:01 - 2017-03-04 08:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-14 22:01 - 2017-03-04 08:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-14 22:01 - 2017-03-04 07:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-14 22:01 - 2017-03-04 07:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-14 22:01 - 2017-03-04 07:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-14 22:01 - 2017-03-04 07:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-14 22:01 - 2017-03-04 07:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-14 22:01 - 2017-03-04 07:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-14 22:01 - 2017-03-04 07:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-14 22:01 - 2017-03-04 07:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-14 22:01 - 2017-03-04 07:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-14 22:01 - 2017-03-04 07:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-14 22:01 - 2017-03-04 07:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-14 22:01 - 2017-03-04 07:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-14 22:01 - 2017-03-04 07:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-14 22:01 - 2017-03-04 07:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-14 22:01 - 2017-03-04 07:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-14 22:01 - 2017-03-04 07:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-14 22:01 - 2017-03-04 07:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-14 22:01 - 2017-03-04 07:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-14 22:01 - 2017-03-04 07:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-14 22:01 - 2017-03-04 07:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-14 22:01 - 2017-03-04 07:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-14 22:01 - 2017-03-04 07:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-14 22:01 - 2017-03-04 07:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-14 22:01 - 2017-03-04 07:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-14 22:01 - 2017-03-04 07:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-14 22:01 - 2017-03-04 07:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-14 22:01 - 2017-03-04 07:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-14 22:01 - 2017-03-04 07:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-14 22:01 - 2017-03-04 07:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-14 22:01 - 2017-03-04 07:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-14 22:01 - 2017-03-04 07:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-14 22:01 - 2017-03-04 07:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-14 22:01 - 2017-03-04 07:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-14 22:01 - 2017-03-04 07:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-14 22:01 - 2017-03-04 07:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-14 22:01 - 2017-03-04 07:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-14 22:01 - 2017-03-04 07:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-14 22:01 - 2017-03-04 07:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-14 22:01 - 2017-03-04 07:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-14 22:01 - 2017-03-04 07:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-03-14 22:01 - 2017-03-04 07:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-14 22:01 - 2017-03-04 07:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-14 22:01 - 2017-03-04 07:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-14 22:01 - 2017-03-04 07:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-14 22:01 - 2017-03-04 07:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-14 22:01 - 2017-03-04 07:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-14 22:01 - 2017-03-04 07:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-14 22:01 - 2017-03-04 07:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-14 22:01 - 2017-03-04 07:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-14 22:01 - 2017-03-04 07:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-14 22:01 - 2017-03-04 07:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-14 22:01 - 2017-03-04 07:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-14 22:01 - 2017-03-04 07:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-14 22:01 - 2017-03-04 07:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-14 22:01 - 2017-03-04 07:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-14 22:01 - 2017-03-04 07:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-14 22:01 - 2017-03-04 07:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-14 22:01 - 2017-03-04 07:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-14 22:01 - 2017-03-04 07:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-14 22:01 - 2017-03-04 07:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-14 22:01 - 2017-03-04 07:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-14 22:01 - 2017-03-04 07:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-14 22:01 - 2017-03-04 07:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-03-14 22:01 - 2017-03-04 07:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-14 22:01 - 2017-03-04 07:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-14 22:01 - 2017-03-04 07:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-14 22:01 - 2017-03-04 07:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-14 22:01 - 2017-03-04 07:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-14 22:01 - 2017-03-04 07:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-14 22:01 - 2017-03-04 07:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-14 22:01 - 2017-03-04 07:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-14 22:01 - 2017-03-04 07:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-14 22:01 - 2017-03-04 07:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-14 22:01 - 2017-03-04 07:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-14 22:01 - 2017-03-04 07:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-14 22:01 - 2017-03-04 07:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-14 22:01 - 2017-03-04 07:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-14 22:01 - 2017-03-04 07:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-14 22:01 - 2017-03-04 07:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-14 22:01 - 2017-03-04 07:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-14 22:01 - 2017-03-04 07:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-14 22:01 - 2017-03-04 07:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-14 22:01 - 2017-03-04 07:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-14 22:01 - 2017-03-04 07:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-14 22:01 - 2017-03-04 07:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-14 22:01 - 2017-03-04 07:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-14 22:01 - 2017-03-04 07:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-14 22:01 - 2017-03-04 07:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-14 22:01 - 2017-03-04 07:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-14 22:01 - 2017-03-04 07:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-14 22:01 - 2017-03-04 07:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-14 22:01 - 2017-03-04 07:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-14 22:01 - 2017-03-04 07:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-14 22:01 - 2017-03-04 07:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-14 22:01 - 2017-03-04 07:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-14 22:01 - 2017-03-04 07:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-14 22:01 - 2017-03-04 07:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-14 22:01 - 2017-03-04 07:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-14 22:01 - 2017-03-04 07:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-14 22:01 - 2017-03-04 07:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-14 22:01 - 2017-03-04 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-14 22:01 - 2017-03-04 07:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-14 22:01 - 2017-03-04 07:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-14 22:01 - 2017-03-04 07:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-14 22:01 - 2017-03-04 07:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-14 22:01 - 2017-03-04 07:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-14 22:01 - 2017-03-04 07:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-14 22:01 - 2017-03-04 07:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-14 22:01 - 2017-03-04 07:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-14 22:01 - 2017-03-04 07:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-14 22:01 - 2017-03-04 07:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-14 22:01 - 2017-03-04 07:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-14 22:01 - 2017-03-04 07:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-14 22:01 - 2017-03-04 07:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-14 22:01 - 2017-03-04 07:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-14 22:01 - 2017-03-04 07:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-03-14 22:01 - 2017-03-04 07:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-14 22:01 - 2017-03-04 07:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-14 22:01 - 2017-03-04 07:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-14 22:01 - 2016-05-29 19:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-04-12 09:23 - 2016-09-25 07:39 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-12 07:59 - 2015-11-07 09:41 - 00000000 ____D C:\Users\Rich\Downloads\E2
2017-04-12 07:48 - 2016-02-20 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-04-12 07:34 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-12 07:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-12 07:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-12 07:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-12 07:28 - 2016-09-25 07:45 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-12 00:09 - 2014-08-21 16:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 00:05 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-12 00:05 - 2014-08-21 16:30 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-11 22:41 - 2014-08-19 17:59 - 00000000 ____D C:\Users\Rich\AppData\Local\NVIDIA Corporation
2017-04-11 22:38 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-04-11 22:25 - 2016-12-26 13:38 - 00000000 ___RD C:\Users\Rich\Dropbox
2017-04-11 22:23 - 2016-12-02 21:04 - 00000000 ____D C:\Users\Rich\AppData\Roaming\45F029EF-05A1-556B-0B91-05478F3DD462
2017-04-11 22:22 - 2016-10-03 20:28 - 00000314 _____ C:\Users\Rich\AppData\Roaming\WB.CFG
2017-04-11 22:22 - 2016-09-25 07:44 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-11 22:22 - 2014-08-19 17:58 - 00000000 __SHD C:\Users\Rich\IntelGraphicsProfiles
2017-04-11 22:20 - 2015-10-23 09:50 - 00005826 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-11 22:15 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-11 22:14 - 2016-09-25 08:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-11 22:14 - 2016-07-01 19:03 - 00000000 ____D C:\Program Files\TrueKey
2017-04-11 22:14 - 2014-08-07 10:17 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-04-11 22:13 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-11 14:57 - 2014-09-24 20:00 - 00000000 ____D C:\Users\Rich\AppData\Local\Adobe
2017-04-11 14:47 - 2016-09-25 08:21 - 00004386 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-04-09 09:34 - 2015-12-25 10:12 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-09 09:32 - 2016-12-26 13:32 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-07 04:53 - 2016-09-25 08:21 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-07 04:53 - 2016-09-25 08:21 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-05 23:28 - 2014-08-19 18:04 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-05 23:28 - 2014-08-19 18:04 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-04 00:33 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-02 20:58 - 2014-08-19 17:58 - 00000000 ____D C:\Users\Rich\AppData\Local\Packages
2017-04-01 19:52 - 2016-11-01 16:57 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-01 19:52 - 2016-11-01 16:57 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-28 18:12 - 2014-08-07 10:17 - 00000000 ____D C:\ProgramData\McAfee
2017-03-27 18:40 - 2015-07-21 23:29 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-27 10:52 - 2016-09-25 08:21 - 00003388 _____ C:\WINDOWS\System32\Tasks\Intel® Rapid Start Technology Manager
2017-03-27 10:41 - 2016-09-25 07:50 - 00000000 ____D C:\Users\Rich
2017-03-24 22:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-03-23 09:08 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-23 09:07 - 2014-10-04 17:06 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-03-18 09:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-18 08:11 - 2015-09-10 06:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-18 06:18 - 2016-09-25 07:39 - 00374120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-18 06:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-18 03:39 - 2014-08-20 22:00 - 00000000 ____D C:\Users\Rich\AppData\Roaming\uTorrent
==================== Files in the root of some directories =======
2016-10-02 18:51 - 2016-10-02 18:51 - 7176704 _____ () C:\Users\Rich\AppData\Roaming\agent.dat
2015-01-03 11:07 - 2015-01-03 16:57 - 0000000 _____ () C:\Users\Rich\AppData\Roaming\FileIn.cns
2015-01-03 11:07 - 2015-01-03 16:57 - 0000000 _____ () C:\Users\Rich\AppData\Roaming\FileOut.cns
2016-10-02 18:52 - 2016-10-02 18:52 - 0018195 _____ () C:\Users\Rich\AppData\Roaming\Heginab
2016-10-02 18:50 - 2016-10-02 18:50 - 0140288 _____ () C:\Users\Rich\AppData\Roaming\Installer.dat
2016-10-02 18:51 - 2016-10-02 18:51 - 0018432 _____ () C:\Users\Rich\AppData\Roaming\Main.dat
2016-12-02 21:04 - 2016-12-02 21:04 - 0019496 _____ () C:\Users\Rich\AppData\Roaming\Pakunapuci
2016-10-03 20:28 - 2017-04-11 22:22 - 0000314 _____ () C:\Users\Rich\AppData\Roaming\WB.CFG
2017-02-02 10:21 - 2017-02-02 10:21 - 0003584 _____ () C:\Users\Rich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-21 12:22 - 2015-06-21 12:22 - 0000872 _____ () C:\Users\Rich\AppData\Local\recently-used.xbel
2016-09-25 07:44 - 2016-09-25 07:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Windows\Tasks\{366020EE-389F-B149-8A83-5B4EDA93D3C4}.job
C:\Windows\Tasks\{45F029EF-05A1-556B-0B91-05478F3DD462}.job
Some files in TEMP:
====================
1997-10-03 11:14 - 1997-10-03 11:14 - 0287232 _____ (Microsoft Corp.) C:\Users\Rich\AppData\Local\Temp\setup.exe
1997-10-01 13:30 - 1997-10-01 13:30 - 0338432 _____ (Microsoft Corporation) C:\Users\Rich\AppData\Local\Temp\setupenu.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-04-11 09:28
==================== End of FRST.txt ============================
and the addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Rich (12-04-2017 09:37:20)
Running from C:\Users\Rich\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-25 07:25:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2378730425-1505431104-4289691418-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2378730425-1505431104-4289691418-503 - Limited - Disabled)
Guest (S-1-5-21-2378730425-1505431104-4289691418-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2378730425-1505431104-4289691418-1003 - Limited - Enabled)
Rich (S-1-5-21-2378730425-1505431104-4289691418-1001 - Administrator - Enabled) => C:\Users\Rich
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
7GIF (HKLM\...\{D27A1E28-51AD-4CB7-9AAD-11D8DDA3B619}_is1) (Version: 1.0.9.0 - Xtreme-LAb®)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
AirDroid 3.0.4.0 (HKLM-x32\...\AirDroid) (Version: 3.0.4.0 - Sand Studio)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
BBC iPlayer Downloads (HKLM-x32\...\{C3794B09-6C43-4B93-9CA8-F10BECCF2971}) (Version: 1.11.1 - BBC)
BingProvidedSearch (HKLM-x32\...\BingProvidedSearch) (Version: - )
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Chromium (HKLM-x32\...\{F6711EB1-A6F1-CF31-1771-BFB1C7F16C31}) (Version: - )
Close Combat Invasion Normandy (HKLM-x32\...\{66545400-DEF6-11D3-A09A-00E02919016C}) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Data Vault (Version: 4.4.1.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{9B0F1E41-7ADC-4F10-919F-390FB60925C9}) (Version: 1.4.0.23 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.55 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{92F651D9-4431-469E-9B11-299D007AF656}) (Version: 2.0.2.1835 - Dell Inc.)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 23.4.18 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EditVoicepack X (HKLM-x32\...\{493687F8-8D57-47C4-87B6-D46D7C5203BF}) (Version: 4.0.7 - Bevelstone Production)
Emergency 2014 (HKLM-x32\...\Steam App 260930) (Version: - Promotion Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Filedrop version 1.1.5 (HKLM-x32\...\{3A309583-1B4A-4C90-85EA-124EB8DB331A}_is1) (Version: 1.1.5 - Filedrop)
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
FreeZ (HKLM\...\FreeZ) (Version: 0.9 Ultra - Freez.aero)
GIF Viewer (HKLM-x32\...\GIF Viewer) (Version: - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto)
Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version: - Rockstar Games)
Indeo® software (HKLM-x32\...\Indeo® software) (Version: - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1414.3) (HKLM\...\{302600C1-6BDF-4FD1-1403-148929CC1385}) (Version: 17.0.1403.0442 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1056 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.7.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{18a91b56-a919-4c87-b3bb-2dbcd9b7cc13}) (Version: 17.0.2 - Intel Corporation)
Just Flight - Traffic 360 (HKLM-x32\...\{4852995D-79BC-44FD-8CB2-2E5CAF2C4844}) (Version: 1.00.000 - Just Flight)
Just Flight Traffic 2005 v1.00 (HKLM-x32\...\{F4E07A79-CB8F-43AC-882C-F7542856D573}) (Version: 1.00.000 - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxx Audio Installer (x64) (Version: 2.6.6570.1 - Waves Audio Ltd.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 15.0.179 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.124 - McAfee, Inc.)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator 2004 A Century of Flight (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4911.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-GB)) (Version: 45.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\MyFreeCodec) (Version: - )
NetStream (HKLM-x32\...\NetStream) (Version: - ) <==== ATTENTION
NMG Cape Town International Airport for Flight Simulator 2004 (HKLM-x32\...\FACT-FS9) (Version: 3.0 - NMG Trading)
NMG Cape Town International V4.1 (FSX) (HKLM-x32\...\NMG Cape Town International V4.1 (FSX)) (Version: - )
NMG Johannesburg International 2012 (FSX) (HKLM-x32\...\NMG Johannesburg International 2012 (FSX)) (Version: - )
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.5.0 - NXP Semiconductors)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
oneworld Timetables (HKLM-x32\...\ONEWORLD) (Version: - )
OpenOffice 4.1.0 (HKLM-x32\...\{28B88897-774A-4005-BBFF-663B1F8EAA5A}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.026 - Dell Inc.)
Railroad Tycoon II - Platinum (HKLM-x32\...\{BED27751-CD2A-4C2F-9813-00B9B60C76FE}) (Version: - )
Real Environment Xtreme for FS2004 Overdrive (HKLM-x32\...\{BA1DF5FA-905A-4BD5-9AE8-A8EFB4156DE3}) (Version: 1.5.2010.1210 - Real Environment Simulations, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.41 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SkyTeam TravelDesk (HKLM-x32\...\SkyTeam TravelDesk_is1) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0046 - ST Microelectronics)
Star Alliance Timetable (HKLM-x32\...\star) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
TrafficGiant (HKLM-x32\...\TrafficGiant) (Version: - )
Train Fever (HKLM-x32\...\Steam App 304730) (Version: - Urban Games)
Train Simulator 2014 Steam Edition version 0.0.0.9 (HKLM-x32\...\Train Simulator 2014 Steam Edition_is1) (Version: 0.0.0.9 - WaLMaRT)
Trucks & Trailers 1.01 (HKLM-x32\...\Trucks & Trailers) (Version: 1.01 - SCS Software)
True Color (HKLM-x32\...\{f8476c72-fe9e-4c04-a537-40a60257e57d}) (Version: 2.0.0.1 - Entertainment Experience)
True Color (Version: 2.0.0.1 - Entertainment Experience LLC) Hidden
UK2000 Heathrow Free FSX (HKLM-x32\...\UK2000 Heathrow Free FSX) (Version: 3.0 - UK2000 Scenery)
Ultimate General: Gettysburg (HKLM-x32\...\Steam App 306660) (Version: - Game-Labs)
Utatity (HKLM-x32\...\{9DDB30CC-71CA-464F-9BC1-CA23CE181C6F}) (Version: 1.0.0.0 - " ") <==== ATTENTION
Video Call Recorder for Facebook 1.0.2.16 (HKLM-x32\...\Video Call Recorder for Facebook) (Version: 1.0.2.16 - EuroTech AE Co.,Ltd.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
Xvid MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version: - Xvid Development Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {018D4CC3-09D2-4D82-9248-ADE24EB1BAD3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {022ECF4E-3A01-46E8-8D43-2250761E585C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {08A8FFCA-19BF-4252-A304-B8C5C12E817A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {09707869-72AD-42F0-9217-CA6A4DE7BFA4} - System32\Tasks\{C5255A0D-390D-4790-9387-599795941D4F} => pcalua.exe -a "C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe" -d "C:\Program Files (x86)\Microsoft Games\Flight Simulator 9"
Task: {0DBED186-56DD-48CC-8819-16090ABDEB78} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {11CBD737-845D-458F-91F2-608F3C9CD012} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {1976BFCE-FAA8-4446-958D-A99549B4ED8F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {283A4571-0D77-46DB-94BE-724979CBFDDD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {296A2CE9-539B-4C6C-8454-CFE5E761FD9E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2ABEF662-C7E0-4F89-979E-88CA249B226F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-02-17] (PC-Doctor, Inc.)
Task: {2D4CBC9D-26A0-426E-B7B8-30D322FC04AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {305EFA4B-C65B-4269-81E7-DB85D162B38D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3201045A-7642-44AD-A4A9-748BD4EDA61F} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-03-20] (Dell Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {37626079-04D6-4AD2-AC4E-2647BDEC7146} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-02-16] (Synaptics Incorporated)
Task: {3CAE4B6B-669F-4E0E-AD42-110240EB552D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {41983709-D18F-427D-B753-0691D50DCE42} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe
Task: {4EB57ED9-DEE3-4F8B-A7F1-063AC603E074} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-26] (Dropbox, Inc.)
Task: {523669F3-D599-4302-B2B4-80D1D34E336C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {52C3B19C-1DEA-4F19-8EF8-B763766AB1AF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {67C7BBD8-EEFA-4988-967C-6A291E52F17D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {6BA70C23-50DB-4348-BF51-0D1AD744A479} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {7A3E070A-44B4-4DE0-AC97-BCE209EC68B9} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-09-09] (Intel)
Task: {8467F6BF-CD9C-45E1-8EA8-87CBAD4A8D69} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-10-23] (Realtek Semiconductor)
Task: {8999DFA6-9247-46EA-BC52-0157776147CA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {89D62FE6-9481-488E-96ED-3559B6507590} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2378730425-1505431104-4289691418-1001UA => C:\Users\Rich\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-24] (Facebook Inc.)
Task: {8B0E6C26-63E4-4F3A-A11C-323FA07F5D05} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-26] (Dropbox, Inc.)
Task: {971B32CF-5CE7-4EEF-A6E0-FD96A8C65280} - System32\Tasks\{1A9D30AD-FB02-4C73-845D-DE48348D1E0E} => pcalua.exe -a "C:\Users\Rich\Downloads\RAILROAD TYCOON 3- FIXED\1.05 patch and crack\rt3_105 patch\rt3_105.exe" -d "C:\Users\Rich\Downloads\RAILROAD TYCOON 3- FIXED\1.05 patch and crack\rt3_105 patch"
Task: {A1B2F94B-FAE2-4790-A0E4-0F88B2E97AC1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
Task: {A3037D9C-7416-49D8-9F72-63774CB5ABEC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {AA8E88E7-25F5-46D5-81BD-0780F93FE5B4} - System32\Tasks\{45F029EF-05A1-556B-0B91-05478F3DD462} => C:\Users\Rich\AppData\Roaming\45F029EF-05A1-556B-0B91-05478F3DD462\synctask.exe [2013-05-06] ()
Task: {ACDDB586-27F1-44E4-B73E-AF9A39167B4F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2378730425-1505431104-4289691418-1001Core => C:\Users\Rich\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-24] (Facebook Inc.)
Task: {B12FC165-8CFB-42EA-A3AA-B357F12E41F3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B1CD4600-6CAA-4B3E-951C-5D853D80EE9E} - System32\Tasks\{B49A2354-D34B-422E-ADC9-DE44B328EC5A} => pcalua.exe -a D:\Setup\3DSetup.exe -d D:\Setup
Task: {B513B9A2-5D99-4578-A2BC-666F0F9651D8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BA0D6C06-7DD4-4F44-A7DA-27CA64B063B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {BC148646-2D8D-45B4-B0E9-E2ACE5560CC8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {BC5272F7-3A21-4CE2-975F-61A816509492} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {BE3EB0EA-CD3F-4601-BE64-0577F50653D9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C1192692-AF14-4FB2-A19A-2E0DCED4CF80} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {C4424FB2-169E-4B6B-9473-E700CA130EFE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C4621EB0-0C39-4CCE-A869-FE78B11F8B1B} - System32\Tasks\{366020EE-389F-B149-8A83-5B4EDA93D3C4} => C:\Users\Rich\AppData\Local\{8F5FB~1\UPDATE~1.EXE <==== ATTENTION
Task: {C75B0A5C-C51F-4202-A463-5C94B8C1CFFE} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [2016-09-20] (McAfee, Inc.)
Task: {C8D0D553-8933-413C-BCB4-E6C1E012FA0E} - System32\Tasks\Bing Search Engine moser => Wscript.exe "C:\ProgramData\{544C912F-DE0E-1BE9-58C8-85ABC28A0E65}\como.txt" "687474703a2f2f77617662736c792e636f6d" "433a5c50726f6772616d446174615c7b35343443393132462d444530452d314245392d353843382d3835414243323841304536357d5c6c696465666f" "433a5c50726f6772616d446174615c7b35343443393132462d444530452d314245392d35 (the data entry has 82 more characters).
Task: {D69E2213-8D84-43EB-B405-E9B6F0E852BF} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe
Task: {E8B140E4-8869-4D04-8096-0CCA43B73EBB} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {EC13C4B0-E2A3-4FA1-9869-3B0E1745AE77} - System32\Tasks\{84579690-1B89-4C15-AA89-74AFA2ECBD33} => pcalua.exe -a H:\start.exe -d H:\
Task: {EEAA22C7-0B6E-4458-8E11-6D3A7C437A0D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {F6AD7F44-156D-48CE-9B7F-2FE6B2BE5493} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-02-17] (PC-Doctor, Inc.)
Task: {F7274685-29FB-4536-A5A8-6949CE0B5C45} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {F9F1CEA7-A594-4439-98A7-FF0C714448B0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Bing Search Engine moser.job => Wscript.exe C:\ProgramData\{544C912F-DE0E-1BE9-58C8-85ABC28A0E65}\como.txt <==== ATTENTION
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2378730425-1505431104-4289691418-1001Core.job => C:\Users\Rich\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2378730425-1505431104-4289691418-1001UA.job => C:\Users\Rich\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\{366020EE-389F-B149-8A83-5B4EDA93D3C4}.job => C:\Users\Rich\AppData\Local\{8F5FB~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\{45F029EF-05A1-556B-0B91-05478F3DD462}.job => C:\Users\Rich\AppData\Roaming\45F029~1\synctask.exe <==== ATTENTION
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Rich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons\POSKY Embraer ERJ 135 FSX\www.projectopensky.com.lnk -> hxxp://www.projectopensky.com
Shortcut: C:\Users\Rich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons\POSKY Embraer ERJ 135 FSX\www.rikoooo.com.lnk -> hxxp://www.rikoooo.com
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-14 22:02 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-09-19 13:23 - 2013-09-19 13:23 - 00466944 _____ () C:\WINDOWS\system32\DPPPlugin.dll
2016-09-25 07:45 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-30 14:20 - 2014-04-30 14:20 - 00089072 _____ () C:\Program Files\TrueColor\TrueColorALS.exe
2014-10-04 17:06 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-11-07 21:21 - 2016-10-25 01:31 - 00508368 _____ () C:\Program Files\Common Files\McAfee\Sustainability\GenericPlugin.dll
2017-03-14 22:02 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-25 16:32 - 2016-09-25 16:32 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 22:01 - 2017-03-04 07:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-14 22:01 - 2017-03-04 07:30 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-03-14 22:02 - 2017-03-04 07:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 22:02 - 2017-03-04 07:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 22:02 - 2017-03-04 07:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-14 22:02 - 2017-03-04 07:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-14 22:02 - 2017-03-04 07:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-11 07:49 - 2017-04-11 07:49 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-11 07:49 - 2017-04-11 07:49 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-11 22:38 - 2016-06-15 02:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2017-04-11 22:37 - 2016-06-15 02:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2017-04-11 22:38 - 2016-06-15 02:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-04-11 22:38 - 2016-06-15 02:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2017-04-11 22:38 - 2016-06-15 02:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2017-04-11 22:38 - 2016-06-15 02:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2017-04-11 22:38 - 2016-06-15 02:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2017-04-11 22:38 - 2016-06-15 02:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2017-04-04 00:01 - 2017-04-04 00:02 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-04-04 00:01 - 2017-04-04 00:02 - 22723584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-04-04 00:01 - 2017-04-04 00:02 - 00448512 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-04-04 00:01 - 2017-04-04 00:02 - 05427200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 18:45 - 2016-06-03 18:45 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-04-04 00:01 - 2017-04-04 00:02 - 00435712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-04-04 00:01 - 2017-04-04 00:02 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-06 16:30 - 2016-03-06 16:51 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-28 18:14 - 2017-03-28 18:14 - 01668976 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-04-11 22:37 - 2016-06-15 02:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-04-11 22:37 - 2016-06-15 02:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2017-04-05 13:35 - 2017-04-05 13:36 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-12-21 11:24 - 2016-12-21 11:24 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2014-08-07 10:09 - 2013-09-12 05:37 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-04-09 09:30 - 2017-04-06 18:05 - 00870720 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-04-09 09:30 - 2017-03-20 19:10 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-04-09 09:30 - 2017-03-20 19:10 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-04-09 09:30 - 2017-03-20 19:10 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-04-09 09:30 - 2017-03-20 19:11 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-04-09 09:30 - 2017-03-20 19:10 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-04-09 09:30 - 2017-03-20 19:10 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-04-09 09:30 - 2017-03-20 19:11 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-04-09 09:30 - 2017-03-20 19:10 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-04-09 09:30 - 2017-03-20 19:13 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-04-09 09:30 - 2017-03-20 19:10 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-04-09 09:30 - 2017-03-20 19:13 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-04-09 09:30 - 2017-03-20 19:12 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-04-09 09:30 - 2017-04-06 18:08 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-04-09 09:30 - 2017-03-20 19:11 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-04-09 09:30 - 2017-04-06 18:08 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-04-09 09:30 - 2017-04-06 18:08 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-04-09 09:30 - 2017-04-06 18:08 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-04-09 09:30 - 2017-04-06 18:08 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-04-09 09:30 - 2017-03-20 19:13 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-04-09 09:30 - 2017-04-06 18:08 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-04-09 09:30 - 2017-03-20 19:08 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-04-09 09:30 - 2017-04-06 18:07 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-04-09 09:30 - 2017-03-22 18:47 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-04-09 09:30 - 2017-04-06 18:07 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-04-09 09:30 - 2017-04-06 18:07 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-04-09 09:30 - 2017-03-20 19:17 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-04-09 09:30 - 2017-03-20 19:17 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-04-09 09:30 - 2017-04-06 18:07 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-04-09 09:30 - 2017-04-06 18:08 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-09 09:30 - 2017-04-06 18:07 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-03-23 09:06 - 2017-01-31 11:14 - 08909512 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2017-04-05 23:28 - 2017-03-29 03:04 - 02187096 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-05 23:28 - 2017-03-29 03:04 - 00086360 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2015-03-31 19:32 - 2016-06-15 02:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:68194AFB [131]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2016-08-24 22:09 - 00000869 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\dell\XPS 15 Wallpaper Red Mum Flower WQHD.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2378730425-1505431104-4289691418-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3AFA26F9-F23C-4E0D-852D-AF7126723A4C}] => (Allow) C:\Users\Rich\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94349A1A-0910-4B2E-92ED-6C7B6118D94B}] => (Allow) C:\Users\Rich\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{703E0063-E9DA-499B-AEDC-E452CFDD2F31}] => (Allow) C:\Users\Rich\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{52EF8638-43E3-4F19-9025-AB4D4F0BB914}] => (Allow) C:\Users\Rich\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{83EA7B27-F767-44A8-84F6-93D0C1371B38}] => (Allow) C:\Users\Rich\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EB3A41DB-6BBA-4D81-AEA8-E334F025CF92}] => (Allow) C:\Users\Rich\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B677245F-CDA6-4CCD-93BC-A25506117B70}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A872FC38-917B-48FD-83EB-4E33A5005F48}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe
FirewallRules: [{0AC17B84-D960-4B42-A684-B6B6CE2C2523}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe
FirewallRules: [{0818D7B6-6958-45B2-A532-72D77899812D}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{38F9FD83-6585-4321-8DE0-6436E0761AB5}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{15590EB7-5A59-4431-9B25-682A3C1F2CB0}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{655BE23A-8F7E-4219-BADD-26CAD5E8A05E}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{87E0CA7F-FAB2-4314-9CE2-4A3D19874B76}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{28FF60A8-F00C-41AC-8BF5-9E0611B8AA5A}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{53583082-4A56-4A91-8D5E-EACF7CA20737}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Emergency 2014\bin.x86\em2014.exe
FirewallRules: [{98469A9A-32F4-4982-8392-FD53DFAC7470}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Emergency 2014\bin.x86\em2014.exe
FirewallRules: [{2C14955C-A5B6-4B7D-AB8E-C1F57C21DEF1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ultimate General Gettysburg\Bug Reporter.exe
FirewallRules: [{A7984461-2019-4A9A-8D97-5943E1D5A201}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ultimate General Gettysburg\Bug Reporter.exe
FirewallRules: [{E0152B9D-B061-4150-A634-B54697673C7B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ultimate General Gettysburg\Ultimate General Multiplayer.exe
FirewallRules: [{683CFED2-2383-4EDE-821C-F60BD7A74FEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ultimate General Gettysburg\Ultimate General Multiplayer.exe
FirewallRules: [{14A87D97-63A9-42D9-BC1E-054598977E0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ultimate General Gettysburg\Ultimate General Gettysburg.exe
FirewallRules: [{5B12EE43-11F0-4126-BD31-3024099617F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ultimate General Gettysburg\Ultimate General Gettysburg.exe
FirewallRules: [{BE1F73A8-575F-4EF5-841F-9B65EBF6F3AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B83085AF-BC10-487F-AE23-1A6E6D836B55}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{499972B9-DBC9-40D7-8C0A-3F8FE8E22984}] => (Allow) LPort=1900
FirewallRules: [{4FF5385E-8488-4F80-8BBB-D0D616A6BA45}] => (Allow) LPort=2869
FirewallRules: [{356007CB-A1C2-4E81-A656-BCAA8F9B9A08}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CBCDB117-1F1A-4AF2-9CD7-DA27739C02A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2C5A638D-C8E1-4454-9160-4997FA377592}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CC86C501-2FBF-494B-AE59-C8F74740A763}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{F6AD0D8A-E3A5-4EB4-BB8B-25D946FED0D5}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{EB05C49A-CD16-4123-85B4-D68BDCB3E0D1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{3F419229-F0DC-4326-A7EC-C8574C71098E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{9583E674-C81D-48CF-9F37-6906304995BD}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{4060AEC4-0882-4753-8FA0-B4DD8D06D9D2}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{A45F1FED-094A-4DDE-ADCF-129F167AFE0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Emergency 2014\bin.x86\em2014.exe
FirewallRules: [{1D085CC7-CB9C-4932-8B2D-77E7920AE098}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Emergency 2014\bin.x86\em2014.exe
FirewallRules: [{D59D5B77-1AD8-42DB-A63B-DD230065E601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{69FB9270-A406-4C32-ACCB-680CCB53F379}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{BDFF8991-1947-4822-A2B8-5320A62C5553}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{FDBAFF24-5655-42F0-8237-45E2654EA9B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{EFD61DBE-3546-473A-9ADD-457F67CBABDE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{C2FB5A26-178A-4F51-8C58-7610064B6277}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{CC7FC435-9322-472D-8D50-5D51FAEA8A7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{2039BB5E-07B6-4D96-9D74-40124822AB3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{D02D6E63-8E57-48B2-992B-D44B14E7212D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{38C339DA-7664-4CAB-9343-20B412A5957A}] => (Allow) C:\Users\Rich\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{F3A4C489-275C-4D9D-A6BF-A270A720D974}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7E6E6145-8076-415A-95FF-B2FE9C1B3A45}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{91058E67-9166-48C6-ADF3-8099B861792C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6106C443-90D7-44BC-94F9-D9ECC6AAD27B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CB1E878B-AF95-4586-B0E9-7E7BDECB6D0F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{60A88BAF-C5A7-459E-BABD-6AEEFBA92E4F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{67302954-80CC-42BD-8DFC-0FEC2DBE51AD}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{985859D5-6D54-406B-8680-D9193B9A6BAD}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{390086C6-E1D5-4389-A86E-7691FE855900}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{99721ED9-9BBD-47F4-B52A-8C08886FC065}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1858AAAA-DDA5-4431-AEBA-B078DB33005E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5F32A536-8675-44E1-A691-1110535E7438}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{29A8252C-15BC-4D2B-96BD-936BE00B977F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{41448AB3-6572-4CC3-B5F2-72E3A96EDE24}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{87EE3C06-9A2A-431F-B078-4A87C071D114}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{D1598F73-9F83-4EB9-88DE-61CD7DFD3BFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{3B12BEB5-F4BA-406A-A5B2-71A2857E1972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{11121614-B143-4E09-8DBE-BC466FC2191E}] => (Allow) C:\Users\Rich\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{93734F61-16DD-4849-AA95-B13CE9B25B72}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A33FF426-B73C-4FB2-91AB-3881A97E9AB6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{77AE5458-D42C-4DFC-A458-51B6EA32B3EE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{44D68A3F-2165-4B7B-8572-2CC2DB7FC0DB}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{8735FB13-E70B-4FAB-BFA9-7B23010CFD9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E17C3149-E734-4231-AE24-014B3767A7A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{48CD7090-967E-4BC1-8620-1EA151DF85EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{212AB1DF-F8F0-43FE-A348-2E3DDEB1190B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7EEE2FEB-887D-467C-8AB6-4CC234EAE9EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
==================== Restore Points =========================
27-03-2017 09:53:07 Scheduled Checkpoint
05-04-2017 13:44:55 Windows Update
11-04-2017 23:58:04 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/12/2017 09:36:57 AM) (Source: irstrtsv) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/12/2017 09:31:57 AM) (Source: irstrtsv) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/12/2017 09:26:57 AM) (Source: irstrtsv) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/12/2017 09:24:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x5825887f
Exception code: 0xc0000005
Fault offset: 0x0000000000030bdd
Faulting process id: 0xb68
Faulting application start time: 0x01d2b36624ed9804
Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: e70fdd94-9821-49d1-a997-9319d76823d0
Faulting package full name:
Faulting package-relative application ID:
Error: (04/12/2017 09:23:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x5825887f
Exception code: 0xc0000005
Fault offset: 0x0000000000030bdd
Faulting process id: 0x469c
Faulting application start time: 0x01d2b3660f158d2d
Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 724e4425-fe42-4fbb-8849-85b5fb42bcbc
Faulting package full name:
Faulting package-relative application ID:
Error: (04/12/2017 08:55:45 AM) (Source: irstrtsv) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/12/2017 08:50:45 AM) (Source: irstrtsv) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/12/2017 08:45:45 AM) (Source: irstrtsv) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/12/2017 08:40:45 AM) (Source: irstrtsv) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/12/2017 08:35:45 AM) (Source: irstrtsv) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (04/12/2017 08:56:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/12/2017 07:42:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.
Error: (04/12/2017 07:27:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{3185A766-B338-11E4-A71E-12E3F512A338}
and APPID
{7006698D-2974-4091-A424-85DD0B909E23}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/12/2017 12:10:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/11/2017 10:25:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
Error: (04/11/2017 10:22:32 PM) (Source: DCOM) (EventID: 10010) (User: BERT)
Description: The server App did not register with DCOM within the required timeout.
Error: (04/11/2017 10:22:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/11/2017 10:22:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/11/2017 10:22:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/11/2017 10:13:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2017-04-12 07:42:52.414
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-04-09 16:22:58.734
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-04-02 22:08:17.149
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-28 19:04:53.346
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-24 20:09:58.489
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-19 14:13:28.645
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-16 22:14:14.016
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-01 08:23:14.388
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-26 09:53:38.592
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-12 19:32:20.499
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i7-4712HQ CPU @ 2.30GHz
Percentage of memory in use: 46%
Total physical RAM: 16287.06 MB
Available physical RAM: 8673.65 MB
Total Virtual: 18719.06 MB
Available Virtual: 9068.04 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:921.59 GB) (Free:296.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 055BCDC8)
Partition: GPT.
========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 8B50555E)
Partition: GPT.
==================== End of Addition.txt ============================
Thanks again