According to RKinner's received email of Mon, 27 Jun 2016, when it was suggested "Just reply to your original post with a new FRST and Addition.txt log." I think this is what is meant.
Since our last correspondence a number of things have happened:
This HP TouchSmart 520 was originally running on Windows 7.
Then overnight (don't remember when, not recently) Windows 10 was installed (I really can't remember doing this myself).
I must say I don't like this system very much (maybe I will get used to it).
Anyway, Firefox has stopped working, if you have a suggestion of a better provider, please advise.
I keep getting hijacked? is that the word, viz being sent places I don't want to go.
Also from time to time there seems to be excessive HD activity.
Is this a problem?
Here then is the FRST and Addition.txt log as suggested.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016
Ran by GollyGeeTickleMyKnee (administrator) on BESS (26-09-2016 16:36:05)
Running from C:\Users\GollyGeeTickleMyKnee\Desktop
Loaded Profiles: GollyGeeTickleMyKnee (Available Profiles: GollyGeeTickleMyKnee & Tess and David & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel® Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(© 2015 Microsoft Corporation) C:\Users\GollyGeeTickleMyKnee\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\OSDManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-22] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-21] (Hewlett-Packard)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [DT HPO] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121648 2011-06-18] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-276537238-745704212-931418625-1002\...\Run: [BingSvc] => C:\Users\GollyGeeTickleMyKnee\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-04-04] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-276537238-745704212-931418625-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
Tcpip\..\Interfaces\{10f382d5-49fa-49c8-b32f-80491ce2ff0c}: [DhcpNameServer] 10.1.1.1
Internet Explorer:
==================
HKU\S-1-5-21-276537238-745704212-931418625-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11ENUS/WOL_WCP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://au.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://au.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-276537238-745704212-931418625-1002 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
BHO: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
FireFox:
========
FF ProfilePath: C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\Mozilla\Firefox\Profiles\utbfd9s1.default-1462496030596
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-31] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\ [] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-31] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\ [] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Extension: (Open In Chrome) - C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\Mozilla\Firefox\Profiles\utbfd9s1.default-1462496030596\extensions\
[email protected] [2016-09-25]
FF Extension: (TopSite) - C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\Mozilla\Firefox\Profiles\utbfd9s1.default-1462496030596\extensions\
[email protected] [2016-08-26]
FF Extension: (Disconnect) - C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\Mozilla\Firefox\Profiles\utbfd9s1.default-1462496030596\extensions\
[email protected] [2016-08-31]
FF Extension: (Ghostery) - C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\Mozilla\Firefox\Profiles\utbfd9s1.default-1462496030596\Extensions\
[email protected] [2016-09-21]
FF Extension: (NoScript) - C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\Mozilla\Firefox\Profiles\utbfd9s1.default-1462496030596\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-13]
FF Extension: (Adblock Plus) - C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\Mozilla\Firefox\Profiles\utbfd9s1.default-1462496030596\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-30]
Chrome:
=======
CHR Profile: C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Backup Default [2016-04-19] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-18]
CHR Extension: (Google Docs) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-18]
CHR Extension: (Google Drive) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-06]
CHR Extension: (YouTube) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-06]
CHR Extension: (Google Sheets) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-18]
CHR Extension: (Google Docs Offline) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-18]
CHR Extension: (Norton Security Toolbar) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2016-04-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-18]
CHR Extension: (Stylist) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pabfempgigicdjjlccdgnbmeggkbjdhd [2016-04-18]
CHR Extension: (Gmail) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-06]
CHR Profile: C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default [2016-09-26]
CHR Extension: (Google Slides) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-19]
CHR Extension: (Google Docs) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-19]
CHR Extension: (Google Drive) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-19]
CHR Extension: (YouTube) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-19]
CHR Extension: (Google Sheets) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Google Voice (by Google)) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2016-06-18]
CHR Extension: (FindMeFreebies) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdipifddaiedehdphnflapcinbndgmb [2016-08-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Gmail) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
CHR Profile: C:\Users\GollyGeeTickleMyKnee\AppData\Local\Google\Chrome\User Data\System Profile [2016-07-05]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; c:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S2 CLKMSVC10_38F51D56; c:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-02-25] (CyberLink)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [129840 2011-06-18] (Portrait Displays, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel® Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-22] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-22] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-22] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 AVerAVF2; C:\Windows\system32\DRIVERS\AVerAVF2.sys [1212672 2012-06-15] (AVerMedia TECHNOLOGIES, Inc.)
R3 FintekCIR; C:\Windows\system32\DRIVERS\FintekCIR.sys [33064 2013-07-25] (Fintek)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-25] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NWVoltron; C:\Windows\System32\drivers\NWVoltron.sys [28920 2015-07-09] ()
S3 NWWakeFilterV; C:\Windows\system32\drivers\NWWakeFilterV.sys [16152 2011-06-24] (n/a)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-26 16:36 - 2016-09-26 16:36 - 00021288 _____ C:\Users\GollyGeeTickleMyKnee\Desktop\FRST.txt
2016-09-26 13:47 - 2016-09-26 13:47 - 00000000 ___HD C:\$SysReset
2016-09-26 13:22 - 2016-09-26 13:22 - 00000130 _____ C:\Users\GollyGeeTickleMyKnee\Documents\charges.txt
2016-09-26 10:00 - 2016-09-26 10:00 - 00000012 _____ C:\Users\GollyGeeTickleMyKnee\Documents\Ghost.txt
2016-09-22 19:59 - 2016-09-22 04:23 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-22 19:55 - 2016-09-22 19:55 - 00000000 ____D C:\Windows.old
2016-09-22 19:53 - 2016-09-22 19:53 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-22 19:53 - 2016-09-22 19:53 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-22 19:53 - 2016-09-22 19:53 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-22 19:53 - 2016-09-22 19:53 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-22 19:53 - 2016-09-22 19:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-22 19:53 - 2016-09-22 19:53 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-22 19:53 - 2016-09-22 19:53 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-22 19:53 - 2016-09-22 19:53 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-22 19:53 - 2016-09-22 19:53 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-22 19:53 - 2016-09-22 19:53 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-22 19:53 - 2016-09-22 19:53 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-22 19:53 - 2016-09-22 19:53 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-22 19:53 - 2016-09-22 19:53 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-22 19:53 - 2016-09-22 19:53 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00204288 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-22 19:53 - 2016-09-22 19:53 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00141824 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-22 19:53 - 2016-09-22 19:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-22 19:53 - 2016-09-22 19:53 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-22 19:53 - 2016-09-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-22 19:53 - 2016-09-22 19:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-22 19:53 - 2016-09-22 19:53 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-22 19:53 - 2016-09-22 19:53 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-22 19:53 - 2016-09-22 19:53 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-22 19:53 - 2016-09-22 19:53 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-22 19:48 - 2016-09-22 19:48 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-22 19:46 - 2016-09-22 19:46 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-09-22 19:46 - 2016-09-22 19:46 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-09-22 19:46 - 2016-09-22 19:46 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-09-22 19:46 - 2016-09-22 19:46 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-22 19:46 - 2016-09-22 19:46 - 00000000 ____D C:\Program Files\MSBuild
2016-09-22 19:46 - 2016-09-22 19:46 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-22 19:46 - 2016-09-22 19:46 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-22 19:46 - 2016-09-22 19:46 - 00000000 ____D C:\inetpub
2016-09-22 19:46 - 2016-05-26 06:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-22 19:46 - 2016-05-26 06:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-22 19:46 - 2016-05-26 06:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-22 19:46 - 2016-05-26 03:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-22 19:46 - 2016-05-26 03:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-22 19:46 - 2016-05-26 03:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-22 19:45 - 2016-09-22 19:45 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-22 04:26 - 2016-09-22 04:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-22 04:24 - 2016-09-22 04:24 - 00000000 ____D C:\ProgramData\USOShared
2016-09-22 04:23 - 2016-09-22 04:24 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\AppData\Local\ConnectedDevicesPlatform
2016-09-22 04:23 - 2016-09-22 04:23 - 00000020 ___SH C:\Users\GollyGeeTickleMyKnee\ntuser.ini
2016-09-22 04:23 - 2016-09-22 04:23 - 00000000 _SHDL C:\Users\Default\My Documents
2016-09-22 04:23 - 2016-09-22 04:23 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-09-22 04:23 - 2016-09-22 04:23 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-09-22 04:23 - 2016-09-22 04:23 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-09-22 04:23 - 2016-09-22 04:23 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-09-22 04:23 - 2016-09-22 04:23 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-09-22 04:23 - 2016-09-22 04:23 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-09-22 04:20 - 2016-09-26 14:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-22 04:20 - 2016-09-24 18:39 - 00003354 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForGollyGeeTickleMyKnee
2016-09-22 04:20 - 2016-09-24 08:45 - 00003948 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1464954147
2016-09-22 04:20 - 2016-09-22 04:22 - 00015243 _____ C:\WINDOWS\diagwrn.xml
2016-09-22 04:20 - 2016-09-22 04:22 - 00015243 _____ C:\WINDOWS\diagerr.xml
2016-09-22 04:20 - 2016-09-22 04:20 - 00003428 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-22 04:20 - 2016-09-22 04:20 - 00003312 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2DFEF8FB-57C5-4873-92B2-8BAC6B903CB3}
2016-09-22 04:20 - 2016-09-22 04:20 - 00003300 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FDE8B631-6B23-416C-BE21-AC652515B68C}
2016-09-22 04:20 - 2016-09-22 04:20 - 00003204 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-22 04:20 - 2016-09-22 04:20 - 00002848 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-22 04:20 - 2016-09-22 04:20 - 00002602 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForBESS$
2016-09-22 04:20 - 2016-09-22 04:20 - 00002548 _____ C:\WINDOWS\System32\Tasks\MirageAgent
2016-09-22 04:20 - 2016-09-22 04:20 - 00002436 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2016-09-22 04:20 - 2016-09-22 04:20 - 00002148 _____ C:\WINDOWS\System32\Tasks\{457937F9-80A5-4F76-8B1A-1DC346C98BDC}
2016-09-22 04:20 - 2016-09-22 04:20 - 00002148 _____ C:\WINDOWS\System32\Tasks\{3EA2EB6B-1F5A-4AA7-9DE8-064AA8118FAE}
2016-09-22 04:20 - 2016-09-22 04:20 - 00002144 _____ C:\WINDOWS\System32\Tasks\{79DB1067-7F06-45C6-974C-E6A94DB61986}
2016-09-22 04:20 - 2016-09-22 04:20 - 00002142 _____ C:\WINDOWS\System32\Tasks\{BD7E8948-9DD9-45CB-B652-F7D791A9D43D}
2016-09-22 04:20 - 2016-09-22 04:20 - 00002142 _____ C:\WINDOWS\System32\Tasks\{6AE73CF2-7F4D-4E7B-B14F-0E58644200E9}
2016-09-22 04:20 - 2016-09-22 04:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-09-22 04:20 - 2016-09-22 04:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2016-09-22 04:20 - 2016-09-22 04:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-09-22 04:20 - 2016-09-22 04:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2016-09-22 04:12 - 2016-09-22 04:12 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-22 04:12 - 2016-09-22 04:12 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-09-22 04:12 - 2016-09-22 04:12 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-09-22 04:12 - 2016-09-22 04:12 - 00000000 ____D C:\Users\Default\AppData\Local\Hewlett-Packard
2016-09-22 04:12 - 2016-09-22 04:12 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-09-22 04:12 - 2016-09-22 04:12 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-09-22 04:12 - 2016-09-22 04:12 - 00000000 ____D C:\Users\Default User\AppData\Local\Hewlett-Packard
2016-09-22 04:08 - 2016-09-22 04:08 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-09-22 04:07 - 2016-09-22 04:13 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-22 04:05 - 2016-09-26 13:41 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee
2016-09-22 04:05 - 2016-09-26 13:40 - 00000000 ____D C:\Users\Tess and David
2016-09-22 04:05 - 2016-09-26 13:40 - 00000000 ____D C:\Users\DefaultAppPool
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\Tess and David\My Documents
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\Tess and David\Documents\My Videos
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\Tess and David\Documents\My Pictures
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\Tess and David\Documents\My Music
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\GollyGeeTickleMyKnee\My Documents
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\GollyGeeTickleMyKnee\Documents\My Videos
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\GollyGeeTickleMyKnee\Documents\My Pictures
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\GollyGeeTickleMyKnee\Documents\My Music
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\DefaultAppPool\My Documents
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Videos
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Pictures
2016-09-22 04:05 - 2016-09-22 04:05 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Music
2016-09-22 04:04 - 2016-09-26 14:33 - 01047700 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-22 04:04 - 2016-09-22 04:04 - 00968848 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-09-22 04:02 - 2016-09-22 04:08 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-22 04:02 - 2016-09-22 04:08 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-09-22 04:02 - 2016-09-22 04:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-22 04:02 - 2016-09-22 04:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-09-22 04:02 - 2016-09-22 04:02 - 00000000 ____D C:\ProgramData\AMD
2016-09-22 04:02 - 2016-09-22 04:02 - 00000000 ____D C:\Program Files\ATI Technologies
2016-09-22 04:01 - 2016-09-22 04:01 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-09-22 04:01 - 2016-09-22 04:01 - 00000000 ____D C:\Program Files\AMD
2016-09-22 04:01 - 2016-09-22 04:01 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-09-22 04:01 - 2016-07-16 19:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-22 04:00 - 2016-09-26 11:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-22 04:00 - 2016-09-22 10:45 - 00238960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-22 04:00 - 2016-09-22 04:00 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-21 17:44 - 2016-09-21 17:44 - 00055989 _____ C:\Users\GollyGeeTickleMyKnee\Desktop\iinetaccountdelay.pdf
2016-09-21 16:38 - 2016-09-21 16:38 - 00001279 _____ C:\Users\GollyGeeTickleMyKnee\Desktop\Start Tor Browser.lnk
2016-09-21 16:37 - 2016-09-21 16:37 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\Tor Browser
2016-09-21 16:35 - 2016-09-21 16:35 - 00000000 ____D C:\TorOnion
2016-09-19 17:11 - 2016-09-19 17:11 - 00000506 _____ C:\Users\GollyGeeTickleMyKnee\Documents\Rubbish.txt
2016-09-18 14:48 - 2016-09-18 14:50 - 50035240 _____ C:\Users\GollyGeeTickleMyKnee\Desktop\torbrowser-install-6.5a2_en-US.exe
2016-09-16 10:16 - 2016-09-16 10:16 - 00008821 _____ C:\Users\GollyGeeTickleMyKnee\Downloads\Chat_Transcript_1473992174216681.pdf
2016-09-14 12:18 - 2016-09-14 12:18 - 00233606 _____ C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.14.9.2016.2.html
2016-09-14 12:18 - 2016-09-14 12:18 - 00233536 _____ C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.14.9.2016.1.html
2016-09-14 12:18 - 2016-09-14 12:18 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.14.9.2016.2_files
2016-09-14 12:18 - 2016-09-14 12:18 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.14.9.2016.1_files
2016-09-13 11:52 - 2016-09-15 10:21 - 00000047 _____ C:\Users\GollyGeeTickleMyKnee\Documents\Garlic.txt
2016-09-06 10:35 - 2016-09-06 10:35 - 00040283 _____ C:\Users\GollyGeeTickleMyKnee\Downloads\CatholicSuperUpdate Beneficiaries2.html
2016-09-06 10:35 - 2016-09-06 10:35 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\Downloads\CatholicSuperUpdate Beneficiaries2_files
2016-09-06 10:34 - 2016-09-06 10:34 - 00034810 _____ C:\Users\GollyGeeTickleMyKnee\Downloads\CatholicSuperUpdate Beneficiaries1.html
2016-09-06 10:34 - 2016-09-06 10:34 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\Downloads\CatholicSuperUpdate Beneficiaries1_files
2016-09-02 10:31 - 2016-09-02 10:33 - 00000023 _____ C:\Users\GollyGeeTickleMyKnee\Documents\Google Varification.txt
2016-08-31 17:03 - 2016-08-31 17:03 - 00218641 _____ C:\Users\GollyGeeTickleMyKnee\Documents\KaelsStory.odp
2016-08-31 15:00 - 2016-08-31 15:00 - 00004186 _____ C:\Users\GollyGeeTickleMyKnee\Downloads\Transactions_31_08_2016.csv
2016-08-31 14:57 - 2016-08-31 14:57 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\OpenOffice
2016-08-31 14:47 - 2016-09-22 04:13 - 00000000 ___SD C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-08-31 14:47 - 2016-08-31 14:47 - 00001196 _____ C:\Users\GollyGeeTickleMyKnee\Desktop\OpenOffice 4.1.2.lnk
2016-08-31 14:46 - 2016-08-31 14:46 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-08-31 14:43 - 2016-08-31 14:43 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\Desktop\OpenOffice 4.1.2 (en-US) Installation Files
2016-08-31 14:35 - 2016-08-31 14:43 - 140783556 _____ C:\Users\GollyGeeTickleMyKnee\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_en-US.exe
2016-08-31 12:45 - 2016-08-31 12:45 - 00150444 _____ C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.31.8.16.4.html
2016-08-31 12:45 - 2016-08-31 12:45 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.31.8.16.4_files
2016-08-31 12:43 - 2016-08-31 12:43 - 00150401 _____ C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.31.8.16.3.html
2016-08-31 12:43 - 2016-08-31 12:43 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.31.8.16.3_files
2016-08-31 12:42 - 2016-08-31 12:42 - 00230669 _____ C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.31.8.16.2.html
2016-08-31 12:42 - 2016-08-31 12:42 - 00230599 _____ C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.31.8.16.1.html
2016-08-31 12:42 - 2016-08-31 12:42 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.31.8.16.2_files
2016-08-31 12:42 - 2016-08-31 12:42 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\Downloads\Report Employment Income - centrelink online account.31.8.16.1_files
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-26 16:36 - 2016-07-01 09:15 - 00000000 ____D C:\FRST
2016-09-26 16:33 - 2016-07-01 16:39 - 02403328 _____ (Farbar) C:\Users\GollyGeeTickleMyKnee\Desktop\FRST64.exe
2016-09-26 16:08 - 2016-07-16 14:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-26 15:28 - 2011-10-11 07:30 - 00000000 ____D C:\ProgramData\PDFC
2016-09-26 14:27 - 2016-05-17 23:37 - 00142832 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
2016-09-26 14:13 - 2016-07-16 14:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2016-09-26 13:41 - 2016-04-18 14:35 - 00000402 _____ C:\WINDOWS\Tasks\HPCeeScheduleForGollyGeeTickleMyKnee.job
2016-09-26 13:39 - 2016-08-25 10:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-26 13:39 - 2016-07-16 19:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-26 13:39 - 2016-06-26 16:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-26 13:39 - 2016-06-06 14:40 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2016-09-26 13:39 - 2016-05-11 09:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2016-09-26 13:39 - 2016-04-14 15:37 - 00000000 ____D C:\AdwCleaner
2016-09-26 13:39 - 2016-03-11 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-26 13:38 - 2016-07-16 19:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-26 13:37 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-26 13:37 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\registration
2016-09-26 13:36 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-26 09:47 - 2016-07-02 12:58 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\AppData\Local\Adobe
2016-09-24 08:45 - 2016-06-03 19:42 - 00001152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-24 08:45 - 2016-06-03 19:41 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-23 15:49 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-22 19:59 - 2016-07-16 19:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-22 19:54 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-22 19:54 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-22 19:54 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-22 19:49 - 2016-07-16 22:15 - 00000000 ____D C:\WINDOWS\OCR
2016-09-22 19:46 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-09-22 19:46 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-09-22 19:46 - 2016-07-16 19:44 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-09-22 19:46 - 2016-07-16 19:44 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-09-22 19:46 - 2016-07-16 19:44 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-09-22 19:46 - 2016-07-16 19:44 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-09-22 19:46 - 2016-07-16 19:44 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-09-22 19:46 - 2016-07-16 19:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-09-22 19:46 - 2016-07-16 19:44 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-09-22 19:46 - 2016-07-16 19:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-09-22 19:46 - 2016-07-16 19:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-09-22 19:46 - 2016-07-16 19:44 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-09-22 19:46 - 2016-07-16 19:44 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-09-22 19:46 - 2016-07-16 19:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-09-22 19:46 - 2016-07-16 19:44 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-09-22 19:46 - 2016-07-16 19:44 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-09-22 19:46 - 2016-07-16 19:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-09-22 19:46 - 2016-07-16 19:44 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2016-09-22 19:46 - 2016-07-16 19:44 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-09-22 19:46 - 2016-07-16 19:43 - 01414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-09-22 19:46 - 2016-07-16 19:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-09-22 19:46 - 2016-07-16 19:43 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-09-22 19:46 - 2016-07-16 19:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-09-22 19:46 - 2016-07-16 19:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-09-22 19:46 - 2016-07-16 19:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-09-22 19:46 - 2016-07-16 19:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-09-22 19:46 - 2016-07-16 19:43 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-09-22 19:46 - 2016-07-16 19:43 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-09-22 19:46 - 2016-07-16 19:43 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-09-22 05:00 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 04:40 - 2016-05-18 10:31 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\AppData\Local\Packages
2016-09-22 04:27 - 2016-05-18 10:34 - 00002442 _____ C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-22 04:27 - 2016-05-18 10:34 - 00000000 ___RD C:\Users\GollyGeeTickleMyKnee\OneDrive
2016-09-22 04:26 - 2016-07-16 19:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-22 04:24 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-22 04:23 - 2016-02-13 21:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-22 04:22 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-22 04:20 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-22 04:20 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-22 04:18 - 2016-07-16 19:47 - 00000000 __RSD C:\WINDOWS\Media
2016-09-22 04:18 - 2016-07-16 19:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-22 04:18 - 2016-05-17 23:39 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-22 04:13 - 2016-08-26 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-09-22 04:13 - 2016-06-26 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-09-22 04:13 - 2016-04-19 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IENT Total Sims Series
2016-09-22 04:13 - 2016-04-14 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2016-09-22 04:13 - 2016-04-14 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-09-22 04:13 - 2016-04-04 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-22 04:13 - 2016-03-24 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-09-22 04:13 - 2016-03-14 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-09-22 04:13 - 2016-03-07 02:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2016-09-22 04:13 - 2016-03-06 08:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2016-09-22 04:13 - 2016-03-06 08:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics
2016-09-22 04:13 - 2016-03-06 08:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP User Manuals
2016-09-22 04:13 - 2011-10-11 07:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-09-22 04:13 - 2011-10-11 07:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-09-22 04:13 - 2011-10-11 07:33 - 00000000 ____D C:\WINDOWS\en
2016-09-22 04:13 - 2011-10-11 07:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
2016-09-22 04:13 - 2011-10-11 07:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers
2016-09-22 04:13 - 2011-10-11 07:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-09-22 04:13 - 2011-10-11 07:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Touch Pack for Windows 7
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-CHT
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-CHS
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\tr
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\sv
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\sk
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\ru
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\ro
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\pt
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\pl
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\no
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\nl
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\ko
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\ja
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\it
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\hu
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\fr
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\fi
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\es
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\el
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\da
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\cs
2016-09-22 04:13 - 2011-10-11 07:12 - 00000000 ____D C:\WINDOWS\SysWOW64\bg
2016-09-22 04:13 - 2011-10-11 07:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2016-09-22 04:13 - 2011-10-11 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-09-22 04:13 - 2011-10-11 07:05 - 00000000 ____D C:\Program Files\IDT
2016-09-22 04:13 - 2011-10-11 07:04 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2016-09-22 04:13 - 2009-07-14 13:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-22 04:12 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-22 04:12 - 2015-10-30 14:28 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 04:12 - 2011-10-11 06:59 - 00000000 ____D C:\ProgramData\SonicFocus
2016-09-22 04:09 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-09-22 04:09 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-22 04:09 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-22 04:09 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-22 04:09 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-09-22 04:08 - 2016-07-16 19:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-09-22 04:08 - 2016-07-16 19:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-09-22 04:08 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\schemas
2016-09-22 04:08 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\Help
2016-09-22 04:08 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-22 04:08 - 2011-10-11 07:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2016-09-22 04:08 - 2011-10-11 07:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP TouchSmart
2016-09-22 04:08 - 2009-07-14 13:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-09-22 04:06 - 2016-06-14 09:38 - 00000000 ____D C:\Users\Tess and David\AppData\Local\Packages
2016-09-22 04:04 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-22 04:02 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-22 04:02 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-22 04:02 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-22 04:01 - 2016-05-17 23:27 - 00000000 ____D C:\AMD
2016-09-22 03:32 - 2016-07-16 23:17 - 00000000 ___HD C:\$WINDOWS.~BT
2016-09-22 02:50 - 2016-03-06 12:33 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-21 16:26 - 2016-03-14 15:43 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\vlc
2016-09-21 16:13 - 2016-04-07 09:57 - 00000000 ____D C:\Users\GollyGeeTickleMyKnee\AppData\Local\CrashDumps
2016-09-21 03:50 - 2016-03-06 12:33 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-17 05:52 - 2016-05-18 14:17 - 00002292 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-17 05:52 - 2016-03-06 12:35 - 00002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-16 10:48 - 2016-03-06 13:51 - 00000334 _____ C:\WINDOWS\Tasks\HPCeeScheduleForBESS$.job
2016-09-14 12:37 - 2016-04-10 10:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 12:32 - 2016-04-10 10:31 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2016-03-17 12:38 - 2016-03-17 12:38 - 0126116 _____ () C:\Users\GollyGeeTickleMyKnee\AppData\Local\tmpHP_4.0
2016-03-17 12:38 - 2016-03-17 12:38 - 0171019 _____ () C:\Users\GollyGeeTickleMyKnee\AppData\Local\tmpHP_4.1
2016-03-17 12:38 - 2016-03-17 12:38 - 0171019 _____ () C:\Users\GollyGeeTickleMyKnee\AppData\Local\tmpHP_4.JPG
2016-03-17 12:38 - 2016-03-17 12:38 - 0126116 _____ () C:\Users\GollyGeeTickleMyKnee\AppData\Local\tmpOriHP_4.JPG
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-22 04:00
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2016
Ran by GollyGeeTickleMyKnee (26-09-2016 16:37:13)
Running from C:\Users\GollyGeeTickleMyKnee\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-21 20:23:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-276537238-745704212-931418625-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-276537238-745704212-931418625-503 - Limited - Disabled)
GollyGeeTickleMyKnee (S-1-5-21-276537238-745704212-931418625-1002 - Administrator - Enabled) => C:\Users\GollyGeeTickleMyKnee
Guest (S-1-5-21-276537238-745704212-931418625-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-276537238-745704212-931418625-1003 - Limited - Enabled)
Tess and David (S-1-5-21-276537238-745704212-931418625-1004 - Administrator - Enabled) => C:\Users\Tess and David
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.01.18.0 - Ralink)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{DCC90D9D-4F8D-4A06-9050-ADDB284FF9FA}) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{73AC89D8-5AFD-72F4-5266-03327E392C85}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
AVerMedia MiniCard Hybrid TV Tuner 1.1.64.56 (HKLM-x32\...\AVerMedia MiniCard Hybrid TV Tuner) (Version: 1.1.64.56 - AVerMedia TECHNOLOGIES, Inc.)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
ccc-core-static (x32 Version: 2011.0112.2151.39168 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink Media Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3928 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.2925 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DriverToolkit version 8.5.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.5.0.0 - Megaify Software)
DVD Menu Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4412 - Hewlett-Packard)
DVD Menu Pack for HP TouchSmart Video (x32 Version: 4.1.4412 - Hewlett-Packard) Hidden
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.46.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WorkForce 545 Series Printer Uninstall (HKLM\...\EPSON WorkForce 545 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Facebook for HP TouchSmart (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{750E9D0F-B188-4A7E-ADD2-84B7ED7D32F6}) (Version: 5.1.4281.27332 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP My Display TouchSmart Edition (HKLM-x32\...\{1F4DDC90-5923-4E49-A4C7-F3CCC954DCA0}) (Version: 1.04.022 - Portrait Displays, Inc.)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Canvas (HKLM-x32\...\{27710506-32B1-49B3-B95B-B7C65FA6FA15}) (Version: 5.1.4267.27011 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.34.7 - HP)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{5F084DD8-AF2C-4004-9C92-820C32E4BD55}) (Version: 12.5.32.37 - HP)
HP Touch Browser (HKLM-x32\...\{4E575BFF-51A0-474E-A3BA-C0FCF82E6A78}) (Version: 5.1.4227.17815 - Hewlett-Packard)
HP TouchSmart Ben10 Comic Book Reader (HKLM-x32\...\{9EFD323B-6ADB-4B3A-9253-EA1A75E00F25}_is1) (Version: 4.0.0.0 - Turner Entertainment Networks Asia, Inc.)
HP TouchSmart Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - Hewlett-Packard)
HP TouchSmart eBay (HKLM-x32\...\{F12C6162-10D4-444A-9182-05CC3DB2456E}) (Version: 1.0.4098.28440 - Hewlett-Packard)
HP TouchSmart Get Updated! (HKLM-x32\...\{2B720998-2E26-4DD6-8AC8-A1FCA4B58384}_is1) (Version: 4.0.0.0 - Turner Entertainment Networks Asia, Inc.)
HP TouchSmart Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - Hewlett-Packard)
HP TouchSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.5414 - Hewlett-Packard)
HP TouchSmart Paint Blast (HKLM-x32\...\{FBB0C095-4FF0-4AF6-8CD5-A80A390FB101}_is1) (Version: 4.0.0.0 - Turner Entertainment Networks Asia, Inc.)
HP TouchSmart Photo (HKLM-x32\...\InstallShield_{C9DCE03F-8CB7-4146-A99C-0612D75177EA}) (Version: 4.2.5414 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP TouchSmart Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - Hewlett-Packard)
HP TouchSmart Tap Tap Bear (HKLM-x32\...\{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1) (Version: 1.0.0.0 - Hewlett-Packard)
HP TouchSmart Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 4.0.0.4 - Hewlett-Packard)
HP TouchSmart Twitter (HKLM-x32\...\{75781594-73D9-4D7B-997F-14D41BF1514E}) (Version: 3.0.4276.30236 - Hewlett-Packard)
HP TouchSmart Video (HKLM-x32\...\InstallShield_{F04BFADD-C8CA-4C86-8F20-B1D7F4F8C66C}) (Version: 4.2.5414 - Hewlett-Packard)
HP TouchSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.4214 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6349.0 - IDT)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.135.1 - Intel Security)
iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Movie Theme Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4412 - Hewlett-Packard)
Movie Theme Pack for HP TouchSmart Video (x32 Version: 4.1.4412 - Hewlett-Packard) Hidden
Mozilla Firefox 48.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 en-US)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.25 - Hewlett-Packard)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 40.0.2308.62 (HKLM-x32\...\Opera 40.0.2308.62) (Version: 40.0.2308.62 - Opera Software)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5331 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4020 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.4020 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 - NewspaperDirect Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4222 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
SDK (x32 Version: 2.26.005 - Portrait Displays, Inc.) Hidden
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Twitter (HKLM-x32\...\{75781594-73D9-4D7B-997F-14D41BF1514D}) (Version: - )
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-276537238-745704212-931418625-1002_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-276537238-745704212-931418625-1002_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-276537238-745704212-931418625-1002_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-276537238-745704212-931418625-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\GollyGeeTickleMyKnee\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-276537238-745704212-931418625-1002_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-276537238-745704212-931418625-1002_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-276537238-745704212-931418625-1002_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {042937CB-5476-4C2A-8480-C5E036578E2B} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION
Task: {10EEB965-B7BC-4482-9B47-7E007D408C68} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {120814CE-AAFC-4E29-A474-68931251CCCC} - System32\Tasks\{3EA2EB6B-1F5A-4AA7-9DE8-064AA8118FAE} => Firefox.exe
Task: {1B1C6ED5-46A1-474F-83AC-C323A4246C6F} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {2DAB9005-74E3-407F-860D-D935B340D7B9} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION
Task: {35058198-90A3-4B6D-8717-AB5546E015A5} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION
Task: {35A742C1-2971-4943-A2E3-29AD462FFAAC} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION
Task: {35CD64BB-2552-4256-AF20-097273B20575} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {35EAC734-795A-4553-AD3E-FCE1D1EE8335} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {383421F2-8626-4B99-88B8-B8303C20941F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2011-05-31] (CyberLink)
Task: {3ACF76E4-F5DF-431C-BEA2-BE70CF85AE6D} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION
Task: {448270B0-5154-498D-B24D-AE71E7DB5927} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION
Task: {49142929-509D-4410-8973-10DB68AB834B} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\GollyGeeTickleMyKnee\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-23] (Microsoft Corporation)
Task: {4B43D86D-DAC8-4D91-A050-52807B24962B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.)
Task: {4DBCD6D6-7DD4-4C3B-B762-37096D236D76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-06] (Google Inc.)
Task: {4EF9C94A-BEB8-4886-8EFB-6F8DC72DE967} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION
Task: {53ABC437-1B0B-41C8-BFA8-0949927B2CAE} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION
Task: {55FDF64B-3C5A-49F4-9EC4-597B575CA285} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION
Task: {57132FB2-9433-459E-9E4F-13086AB7B6D6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {5CE3154D-FDD3-437F-84C0-0B6302ABFEC0} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> No File <==== ATTENTION
Task: {60C6872D-D8C5-4B88-8980-45D08F81447E} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION
Task: {6411B3CF-CC24-49FC-A381-8B72195CAB8C} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {66373DB8-4A8D-49A8-88A9-7AC45A9257AE} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> No File <==== ATTENTION
Task: {6A60187F-9BC5-4171-97F0-41C9B0B903A5} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION
Task: {72535014-B9F0-40C6-9963-81DAE800365F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {727307F0-4CB9-4456-B4D9-2FEF20638FF0} - \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report -> No File <==== ATTENTION
Task: {73BD9BAB-24B5-4E4C-9726-325DBB0059E4} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-05-18] (McAfee, Inc.)
Task: {76028AB5-AC97-4F06-8327-7D5A47A19935} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION
Task: {8019363D-BCAD-4773-B90D-F17D42075CBA} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION
Task: {803DA596-6C2B-4866-BB95-BA19815AE33E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {89633208-9878-4BC7-B1B2-A8BCDE024002} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {896E780C-76E0-4175-B9E4-7025FF3A63FF} - \Microsoft\Windows\TabletPC\InputPersonalization -> No File <==== ATTENTION
Task: {8D77A25D-FD6A-481A-B0D6-9678902CB9A5} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION
Task: {97D57FBC-B035-440C-88E7-9E676CD64057} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION
Task: {9EE88514-786B-4C6B-B761-AD00A3815399} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION
Task: {A3027E90-8C3A-4729-8DC1-009784A83FFF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {A37C5D26-96C0-4996-9EDA-0AD0EDC1F8B8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {A5C28969-B859-4B5D-A10E-5B9BE26EFCAA} - System32\Tasks\{BD7E8948-9DD9-45CB-B652-F7D791A9D43D} =>
Task: {A950B823-4376-4810-A88E-370158273C3B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A998754D-B1C1-4F61-8242-E92BA6923DEA} - \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater -> No File <==== ATTENTION
Task: {ABE81196-0AAC-419A-993A-CA0F9FA7E738} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION
Task: {AD34596A-D141-4F37-8058-3A14D91B1D23} - System32\Tasks\{457937F9-80A5-4F76-8B1A-1DC346C98BDC} => Firefox.exe
Task: {B0783751-AFAE-4BFF-B02A-3C74BBADC98E} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION
Task: {BB891099-3F04-45DA-8DFA-066AB33B0F7D} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION
Task: {C0F395F2-9715-4314-A840-2E6C417F6A32} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION
Task: {C1C3FC63-513B-4267-807D-E9C6048EF08B} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task -> No File <==== ATTENTION
Task: {C278F5DF-DFDC-4A76-BE83-146E86E11EDA} - System32\Tasks\{6AE73CF2-7F4D-4E7B-B14F-0E58644200E9} =>
Task: {C3ED027B-BEAB-4666-B1FA-82C377CC74D2} - System32\Tasks\Opera scheduled Autoupdate 1464954147 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-21] (Opera Software)
Task: {C6429797-F491-4F5C-BD36-6AC08CF60D18} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION
Task: {D2D3BA4D-B1C0-4009-BE9D-B7D482E4C673} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION
Task: {DB729437-9097-4D30-9994-1015FB6B4A48} - System32\Tasks\HPCeeScheduleForBESS$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {DC698E53-799B-4DE4-B0E1-4F8520BB39AC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DE3ABF9F-F334-4655-9AEC-3F3A4374F44E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E8593985-A19B-4AD7-B60D-D1F5609E9DD2} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION
Task: {EE44F1BC-3A65-4249-BBAC-F4DEB17CDF61} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION
Task: {EEF9A259-8CED-442E-8028-FF77624A38B7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {F08FC43D-CFF1-4DEB-A5DD-3F893F077367} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {F2511BEE-366D-49C8-BB06-D1D74AAAE162} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION
Task: {F3AAD3B5-29C2-4E1F-A2CC-9D7D44DE9A32} - System32\Tasks\HPCeeScheduleForGollyGeeTickleMyKnee => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {F4107B57-13BE-479E-8D19-46E700BB6A2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-08-08] (HP Inc.)
Task: {F4C492E3-0050-4FB9-8E7B-2AB3F370D63A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {F6EC5050-1545-4413-8D4B-E89CDDB0F7DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-06] (Google Inc.)
Task: {F8AEE2A8-A6E2-4448-A09F-62130DFB75B7} - System32\Tasks\{79DB1067-7F06-45C6-974C-E6A94DB61986} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2015-11-04] (Advanced Micro Devices Inc.)
Task: {F96C8207-91E1-47F4-B64B-CA7CF60498C8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {FAAC3A9B-231C-452E-9965-1CBB840FC4B0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {FE0F0A15-B282-44FB-86D3-5E384B1B3901} - \Hewlett-Packard\HP Support Assistant\PC Health Analysis -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForBESS$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForGollyGeeTickleMyKnee.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 19:42 - 2016-07-16 19:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-22 04:26 - 2016-09-22 04:26 - 01864384 _____ () C:\Users\GollyGeeTickleMyKnee\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-22 04:58 - 2016-09-22 05:00 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-22 04:58 - 2016-09-22 05:00 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-22 04:58 - 2016-09-22 05:00 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-22 19:53 - 2016-09-22 19:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-26 17:41 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-06-26 17:41 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-06-26 17:41 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-06-26 17:41 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-06-26 17:41 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-09-22 04:26 - 2016-09-22 04:26 - 01383616 _____ () C:\Users\GollyGeeTickleMyKnee\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-22 04:26 - 2016-09-22 04:26 - 00118976 _____ () C:\Users\GollyGeeTickleMyKnee\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2011-10-11 07:25 - 2011-02-16 02:59 - 00015624 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\ACPIDll.dll
2016-09-17 05:52 - 2016-09-14 08:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 05:52 - 2016-09-14 08:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 10:34 - 2016-04-21 08:00 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-276537238-745704212-931418625-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\GollyGeeTickleMyKnee\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{D25905BD-364B-4C1F-A2FE-EFC614F53A50}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C2D98FF2-9B0D-4387-AF09-C98637AA0C52}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DAC34DCD-206A-4FC4-8266-F942FC0037A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7E6CAD08-C5ED-4813-99BE-CFA7C95B02A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{44B22764-B662-43ED-9B78-23E0AC78E4A4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A28C1962-AE37-45E6-9685-964327B094A2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F5D0A8F6-AC15-4596-9A05-7578D6AAD393}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{EBB2CEA4-400A-48E2-BAD9-EA800C3C3CD0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Photo\HPTouchSmartPhoto.exe
FirewallRules: [{F94346E6-534F-49E7-969A-E4B35C7D0BF1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Photo\PhotoAgent.exe
FirewallRules: [{7587DFB0-90B6-42E7-BCF8-6E48BADE5A6D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartMusic.exe
FirewallRules: [{59F30AA6-805B-4F1B-9EA8-9FE3FD804226}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartPhoto.exe
FirewallRules: [{DEC93443-85D3-48C7-A21B-16AFAB81DFFE}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartVideo.exe
FirewallRules: [{314A2158-85B8-464F-9B89-3AA275B9A173}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\TSMAgent.exe
FirewallRules: [{EDC029CD-389E-459C-BACF-A43A418157E2}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{173888EB-4DDD-4A46-B1AA-6EBD68DF9CDB}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{5CF4DD8F-101E-4051-B609-7EE5097DD4E6}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{57EC212A-02DE-4FC0-9996-E619146FD48E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{8AB90297-2A59-4E85-8771-1935C87119B9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{54DEB71F-F00A-455D-8E45-8A5FBAE7077A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{26D540D3-07A5-4182-82B4-463071B4B587}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{B34564A4-A97A-4AEF-9015-5C849E392F40}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D83074F3-690D-460D-8663-8566DD967E9F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{715552EA-3C75-4134-89C4-60E692D442EA}] => (Allow) LPort=2869
FirewallRules: [{6C1DAC03-5122-4F28-95D5-3882D3D20476}] => (Allow) LPort=1900
FirewallRules: [{35D1E601-6A80-4F84-9EE9-5B21088CD6CD}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A5457721-5370-4839-9D92-C265E83881B3}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{272EEDB7-B1FB-4B2D-98B5-17CDC9E0D7CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{908BACA7-F08D-47DB-909E-7AED124440B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2B4596C4-6A12-4BAA-B2A2-CB3ADFC25139}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{808CB5FA-D37B-4C37-81BB-CEB08114ABE8}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{DF10A90F-FF00-4B91-8B47-71F17E7E5678}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{327EC391-5928-4472-8ACE-8B1F057DF14D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{1AB5C935-7901-4D5C-917F-560615FBF952}C:\program files (x86)\google\chrome\application\google chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\google chrome.exe
FirewallRules: [UDP Query User{E08FD44A-F0ED-4039-8891-14992738AEBC}C:\program files (x86)\google\chrome\application\google chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\google chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
26-09-2016 14:52:32 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/26/2016 04:17:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x19ec
Faulting application start time: 0x01d217ce6ad78a5b
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting module path: unknown
Report Id: 48e1e77c-1c3b-408f-a354-26d033fbaa07
Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge
Error: (09/26/2016 04:17:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x19ec
Faulting application start time: 0x01d217ce6ad78a5b
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting module path: unknown
Report Id: 4fd4d3c9-a2a7-4278-9e4f-3d286bbf5a12
Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge
Error: (09/26/2016 02:52:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (09/26/2016 02:27:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x563a7c08
Faulting module name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x563a7c08
Exception code: 0xc0000005
Fault offset: 0x000000000000575a
Faulting process id: 0xa28
Faulting application start time: 0x01d217bf198394b5
Faulting application path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Faulting module path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Report Id: 71819bde-2931-4f64-9bdd-41c264c7ba91
Faulting package full name:
Faulting package-relative application ID:
Error: (09/26/2016 02:12:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x563a7c08
Faulting module name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x563a7c08
Exception code: 0xc0000005
Fault offset: 0x000000000000575a
Faulting process id: 0x9dc
Faulting application start time: 0x01d217bd04f91dde
Faulting application path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Faulting module path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Report Id: c759a51d-bedb-4297-9b74-cde33c686aa6
Faulting package full name:
Faulting package-relative application ID:
Error: (09/26/2016 02:11:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x563a7c08
Faulting module name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x563a7c08
Exception code: 0xc0000005
Fault offset: 0x000000000000575a
Faulting process id: 0xd34
Faulting application start time: 0x01d217bcd77e5d17
Faulting application path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Faulting module path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Report Id: 9e4e0cb9-5a46-4687-a2d6-8e4835cfd2ac
Faulting package full name:
Faulting package-relative application ID:
Error: (09/26/2016 02:03:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x563a7c08
Faulting module name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x563a7c08
Exception code: 0xc0000005
Fault offset: 0x000000000000575a
Faulting process id: 0xa00
Faulting application start time: 0x01d217bbbc993a05
Faulting application path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Faulting module path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Report Id: 4bfbc952-f742-44be-96d9-766bbb69ada4
Faulting package full name:
Faulting package-relative application ID:
Error: (09/26/2016 01:41:48 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (09/26/2016 01:41:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x563a7c08
Faulting module name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x563a7c08
Exception code: 0xc0000005
Fault offset: 0x000000000000575a
Faulting process id: 0xa58
Faulting application start time: 0x01d217b895352b48
Faulting application path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Faulting module path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Report Id: 541500ea-3b17-4ec6-9783-a0d418233288
Faulting package full name:
Faulting package-relative application ID:
Error: (09/26/2016 01:41:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1408) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU0002A.log.
System errors:
=============
Error: (09/26/2016 03:50:37 PM) (Source: DCOM) (EventID: 10010) (User: Bess)
Description: The server {37734C4D-FFA8-4139-9AAC-60FBE55BF3DF} did not register with DCOM within the required timeout.
Error: (09/26/2016 03:48:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Block Level Backup Engine Service service terminated with the following error:
%%2147942583 = Cannot create a file when that file already exists.
Error: (09/26/2016 02:27:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/26/2016 02:27:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/26/2016 02:27:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/26/2016 02:13:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/26/2016 02:13:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/26/2016 02:12:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/26/2016 02:11:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/26/2016 02:11:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
==================== Memory info ===========================
Processor: AMD A8-3800 APU with Radeon HD Graphics
Percentage of memory in use: 26%
Total physical RAM: 8176.62 MB
Available physical RAM: 5989.66 MB
Total Virtual: 10096.62 MB
Available Virtual: 7746.51 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1846.37 GB) (Free:1767.25 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:16.1 GB) (Free:1.95 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: (My Passport) (Fixed) (Total:465.73 GB) (Free:380.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 459EBA3B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1846.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=16.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 0004A183)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Thank You for your time and patience.
David