when you ran AdwCleaner you commented: I am now getting pages that were previously blocked.
The tool will perform 'Winsock settings cleared'
See if this link on how to 'To reset Winsock in Windows 10' helps here
http://forum.thewindowsclub.com/wind...-10-8-7-a.html
Windows Insider MVP Consumer Security 2009 - 2017
Please do not PM me for Malware help, we all benefit from posting on the open board.
I still have the problem. I have tried some of the tools in FixWin10. I am running FarBar again now. It has updated today. I tried the winsock repair commands and they were not entirely successful.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by Fraser Ross (administrator) on FROSSDESKTOP (12-11-2016 10:37:21)
Running from C:\Users\Fraser Ross\Desktop
Loaded Profiles: Fraser Ross (Available Profiles: Fraser Ross)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Webroot) C:\Program Files\Webroot\WRSA.exe
(SODATSW spol. s .r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
(Check Point Software Technologies Ltd.) I:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Check Point Software Technologies, Ltd.) I:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
() C:\Program Files (x86)\VIA\RAID\vialogsv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(SODATSW spol. s r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
(SODATSW spol. s r. o.) C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Piriform Ltd) I:\Program Files\CCleaner\CCleaner64.exe
(Acronis) I:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
() C:\Program Files (x86)\VIA\RAID\raid_tool.exe
(Check Point Software Technologies Ltd.) I:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518464 2013-07-18] (Acronis)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [990464 2016-11-06] (Webroot)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => I:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7806256 2014-02-04] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102208 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [VIARaidUtl] => C:\Program Files (x86)\VIA\RAID\raid_tool.exe [2378352 2011-03-15] ()
HKLM-x32\...\Run: [ZoneAlarm] => I:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134480 2016-03-24] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [StartW8Button] => C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [59752 2014-12-15] (SODATSW spol. s r.o.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Run: [CCleaner Monitoring] => I:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Run: [EPSON Stylus D92 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIBZE.EXE [213504 2007-10-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\RunOnce: [Uninstall C:\Users\Fraser Ross\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fraser Ross\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\RunOnce: [Uninstall C:\Users\Fraser Ross\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fraser Ross\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1"
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => I:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => I:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => I:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-11-06] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0c04b21a-1379-44c0-a844-be52cec79f7e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{23b36322-0062-43c5-8a28-e4bfaef231ad}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3e9baf75-b5ed-4662-ae47-553353b64038}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.co.uk/
SearchScopes: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000 -> DefaultScope {F2872BFE-A208-4FD9-B4AC-B57C0068ABC9} URL =
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> I:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2016-11-06] (Webroot)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-08] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2016-11-06] (Webroot)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-08] (Oracle Corporation)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1408106732135
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Fraser Ross\AppData\Roaming\Mozilla\Firefox\Profiles\k0ntdoc1.default [2016-11-12]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\k0ntdoc1.default -> Search By ZoneAlarm
FF Homepage: Mozilla\Firefox\Profiles\k0ntdoc1.default -> hxxps://en.wikipedia.org/wiki/Main_Page
FF NetworkProxy: Mozilla\Firefox\Profiles\k0ntdoc1.default -> http", "localhost"
FF NetworkProxy: Mozilla\Firefox\Profiles\k0ntdoc1.default -> http_port", 21320
FF NetworkProxy: Mozilla\Firefox\Profiles\k0ntdoc1.default -> no_proxies_on", "192.168.2.1,http://www.amazon.co.uk,https://www.grc.com"
FF NetworkProxy: Mozilla\Firefox\Profiles\k0ntdoc1.default -> ssl", "localhost"
FF NetworkProxy: Mozilla\Firefox\Profiles\k0ntdoc1.default -> ssl_port", 21320
FF NetworkProxy: Mozilla\Firefox\Profiles\k0ntdoc1.default -> type", 0
FF HKLM\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: (Webroot Filtering Extension) - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2016-11-06]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-11-27] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-12] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-05-18] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> I:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~3\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~4\MICROS~1\Office14\NPSPWRAP.DLL [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3240783315-1213011343-4006949943-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Fraser Ross\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-06-17] (Citrix Online)
StartMenuInternet: FIREFOX.EXE - I:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [713736 2015-04-23] (Garmin Ltd. or its subsidiaries)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-13] (Intel Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [335872 2003-03-19] (Microsoft Corporation) [File not signed]
R2 RalinkRegistryWriter; C:\Program Files (x86)\B-Link\Common\RaRegistry.exe [383280 2013-03-27] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\B-Link\Common\RaRegistry64.exe [452912 2013-02-04] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files (x86)\B-Link\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [620392 2014-12-15] (SODATSW spol. s .r.o.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [File not signed]
R2 VRAID Log Service; C:\Program Files (x86)\VIA\RAID\vialogsv.exe [55920 2011-03-15] ()
R2 vsmon; I:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3746584 2016-03-24] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [990464 2016-11-06] (Webroot)
R2 ZAPrivacyService; I:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-10-19] (Check Point Software Technologies, Ltd.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] () [File not signed]
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] () [File not signed]
S3 DIRECTIO; I:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-03-10] ()
S3 EfiInvoker; C:\Windows\SysWOW64\Drivers\invoker64.sys [13080 2013-07-02] (Windows (R) Server 2003 DDK provider)
S1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [917880 2015-11-03] (AO Kaspersky Lab)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [65576 2015-06-16] (Safer-Networking Ltd.)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2013-09-24] (Acronis International GmbH)
S3 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [198432 2013-10-28] (Acronis International GmbH)
S3 USB_Ethernet_Adaptor; C:\WINDOWS\System32\drivers\USB_Ethernet_Adaptor.sys [21504 2013-01-22] (Corechip Semiconductor, Inc. Co Ltd.)
R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [462296 2016-07-29] (Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R0 WRkrn; C:\WINDOWS\System32\drivers\WRkrn.sys [143248 2016-11-12] (Webroot)
R3 wrUrlFlt; C:\WINDOWS\system32\DRIVERS\wrUrlFlt.sys [66328 2016-11-06] (Webroot)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-12 10:36 - 2016-11-12 10:36 - 00000000 ___DC C:\Users\Fraser Ross\Desktop\FRST-OlderVersion
2016-11-12 10:04 - 2016-11-12 10:04 - 00000000 ___DC C:\UWT
2016-11-12 08:47 - 2016-11-12 08:47 - 00106816 ____C C:\Users\Fraser Ross\Downloads\FixWin10.zip
2016-11-12 08:47 - 2016-11-12 08:47 - 00000000 ___DC C:\Users\Fraser Ross\Downloads\FixWin10
2016-11-12 08:34 - 2016-11-06 10:45 - 00066328 ____T (Webroot) C:\WINDOWS\system32\Drivers\wrUrlFlt.sys
2016-11-11 18:36 - 2016-11-12 10:38 - 00023621 ____C C:\Users\Fraser Ross\Desktop\FRST.txt
2016-11-11 16:36 - 2016-11-11 18:41 - 00056261 ____C C:\Users\Fraser Ross\Desktop\Addition.txt
2016-11-11 16:34 - 2016-11-11 16:36 - 00193919 ____C C:\Users\Fraser Ross\Desktop\1FRST.txt
2016-11-11 15:07 - 2016-11-11 15:07 - 00002556 ____C C:\Users\Fraser Ross\Desktop\JRT.txt
2016-11-11 12:39 - 2016-11-11 12:39 - 00011527 ____C C:\Users\Fraser Ross\Desktop\1Fixlog.txt
2016-11-11 12:36 - 2016-11-12 10:36 - 02411520 ____C (Farbar) C:\Users\Fraser Ross\Desktop\FRST64.exe
2016-11-11 11:28 - 2016-11-02 12:01 - 00484584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-11 11:28 - 2016-11-02 12:01 - 00315744 ____C (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-11 11:28 - 2016-11-02 11:22 - 01570672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-11 11:28 - 2016-11-02 11:22 - 00601712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-11 11:28 - 2016-11-02 11:20 - 00590960 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-11 11:28 - 2016-11-02 11:13 - 01883784 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-11 11:28 - 2016-11-02 11:13 - 00773720 ____C (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-11 11:28 - 2016-11-02 11:13 - 00423776 ____C (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-11 11:28 - 2016-11-02 11:12 - 02255712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-11 11:28 - 2016-11-02 11:12 - 00376672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-11 11:28 - 2016-11-02 11:12 - 00341344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-11 11:28 - 2016-11-02 11:10 - 02323728 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-11 11:28 - 2016-11-02 11:09 - 02257104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-11 11:28 - 2016-11-02 11:08 - 00602464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-11 11:28 - 2016-11-02 11:08 - 00576408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-11 11:28 - 2016-11-02 11:08 - 00186424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-11 11:28 - 2016-11-02 11:08 - 00111968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-11 11:28 - 2016-11-02 11:05 - 06657176 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-11 11:28 - 2016-11-02 11:05 - 03892352 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-11 11:28 - 2016-11-02 11:05 - 00959112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-11 11:28 - 2016-11-02 11:05 - 00951904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-11 11:28 - 2016-11-02 11:05 - 00405856 ____C (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-11 11:28 - 2016-11-02 11:04 - 04312248 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-11 11:28 - 2016-11-02 11:03 - 02750936 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-11 11:28 - 2016-11-02 11:03 - 00714592 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-11 11:28 - 2016-11-02 11:02 - 00682816 ____C (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-11 11:28 - 2016-11-02 11:02 - 00238056 ____C (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-11 11:28 - 2016-11-02 11:01 - 01425000 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-11 11:28 - 2016-11-02 11:01 - 01415744 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-11 11:28 - 2016-11-02 11:01 - 01263856 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-11 11:28 - 2016-11-02 11:01 - 00545936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-11 11:28 - 2016-11-02 11:01 - 00276832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-11 11:28 - 2016-11-02 11:00 - 22223968 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-11 11:28 - 2016-11-02 11:00 - 08156080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-11 11:28 - 2016-11-02 11:00 - 01274712 ____C (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-11 11:28 - 2016-11-02 11:00 - 00534096 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-11 11:28 - 2016-11-02 10:59 - 04673304 ____C (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-11 11:28 - 2016-11-02 10:50 - 00034304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-11 11:28 - 2016-11-02 10:49 - 00147968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-11 11:28 - 2016-11-02 10:49 - 00037376 ____C (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-11 11:28 - 2016-11-02 10:48 - 00095232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-11 11:28 - 2016-11-02 10:47 - 00047104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-11 11:28 - 2016-11-02 10:46 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-11 11:28 - 2016-11-02 10:44 - 00180224 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-11 11:28 - 2016-11-02 10:44 - 00089088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-11 11:28 - 2016-11-02 10:43 - 00557568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-11 11:28 - 2016-11-02 10:43 - 00270336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-11 11:28 - 2016-11-02 10:42 - 00632832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-11 11:28 - 2016-11-02 10:42 - 00506880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-11 11:28 - 2016-11-02 10:42 - 00306176 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-11 11:28 - 2016-11-02 10:42 - 00223232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-11 11:28 - 2016-11-02 10:40 - 00896512 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-11 11:28 - 2016-11-02 10:40 - 00198656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-11 11:28 - 2016-11-02 10:39 - 00465920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-11 11:28 - 2016-11-02 10:39 - 00348672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-11 11:28 - 2016-11-02 10:39 - 00236544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-11 11:28 - 2016-11-02 10:38 - 22563840 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-11 11:28 - 2016-11-02 10:38 - 00760832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-11 11:28 - 2016-11-02 10:37 - 19415040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-11 11:28 - 2016-11-02 10:37 - 00299008 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2016-11-11 11:28 - 2016-11-02 10:36 - 19415552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-11 11:28 - 2016-11-02 10:36 - 07626752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-11 11:28 - 2016-11-02 10:36 - 00415744 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2016-11-11 11:28 - 2016-11-02 10:34 - 00043008 ____C (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-11 11:28 - 2016-11-02 10:33 - 12349952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-11 11:28 - 2016-11-02 10:33 - 03307520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-11 11:28 - 2016-11-02 10:32 - 00040448 ____C (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-11 11:28 - 2016-11-02 10:31 - 03196416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-11 11:28 - 2016-11-02 10:31 - 01228288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-11 11:28 - 2016-11-02 10:31 - 00226304 ____C (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-11 11:28 - 2016-11-02 10:31 - 00159232 ____C (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-11 11:28 - 2016-11-02 10:31 - 00115712 ____C (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-11 11:28 - 2016-11-02 10:31 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-11 11:28 - 2016-11-02 10:31 - 00090624 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-11 11:28 - 2016-11-02 10:30 - 12175360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-11 11:28 - 2016-11-02 10:30 - 09131008 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-11 11:28 - 2016-11-02 10:30 - 00567296 ____C (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-11 11:28 - 2016-11-02 10:30 - 00363520 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-11 11:28 - 2016-11-02 10:30 - 00321536 ____C (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-11 11:28 - 2016-11-02 10:30 - 00109056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-11 11:28 - 2016-11-02 10:30 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-11 11:28 - 2016-11-02 10:29 - 07469056 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-11 11:28 - 2016-11-02 10:29 - 03666432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-11 11:28 - 2016-11-02 10:29 - 01247232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-11 11:28 - 2016-11-02 10:29 - 00884224 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-11 11:28 - 2016-11-02 10:29 - 00336896 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-11 11:28 - 2016-11-02 10:29 - 00314880 ____C (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-11 11:28 - 2016-11-02 10:29 - 00296960 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-11 11:28 - 2016-11-02 10:29 - 00122368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 06044160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 04423680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00807424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00690176 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00566784 ____C (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00432128 ____C (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00411136 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00324608 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00279552 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00274432 ____C (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00252928 ____C (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00240640 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00115200 ____C (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00109568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-11 11:28 - 2016-11-02 10:28 - 00079360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-11 11:28 - 2016-11-02 10:27 - 23677952 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-11 11:28 - 2016-11-02 10:27 - 02458112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-11 11:28 - 2016-11-02 10:27 - 01388544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-11 11:28 - 2016-11-02 10:27 - 00631296 ____C (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-11 11:28 - 2016-11-02 10:27 - 00605184 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-11 11:28 - 2016-11-02 10:27 - 00580608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-11 11:28 - 2016-11-02 10:27 - 00545792 ____C (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-11 11:28 - 2016-11-02 10:27 - 00495104 ____C (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-11 11:28 - 2016-11-02 10:27 - 00422400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-11 11:28 - 2016-11-02 10:27 - 00261632 ____C (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-11 11:28 - 2016-11-02 10:26 - 02747392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-11 11:28 - 2016-11-02 10:26 - 02484736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-11 11:28 - 2016-11-02 10:26 - 01509376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-11 11:28 - 2016-11-02 10:26 - 00912896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-11 11:28 - 2016-11-02 10:26 - 00712192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-11 11:28 - 2016-11-02 10:26 - 00579072 ____C (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-11 11:28 - 2016-11-02 10:26 - 00388608 ____C (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-11 11:28 - 2016-11-02 10:26 - 00358912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-11 11:28 - 2016-11-02 10:26 - 00278016 ____C (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-11 11:28 - 2016-11-02 10:26 - 00049152 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-11 11:28 - 2016-11-02 10:25 - 02998272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-11 11:28 - 2016-11-02 10:25 - 01556480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-11 11:28 - 2016-11-02 10:25 - 00956416 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-11 11:28 - 2016-11-02 10:25 - 00655872 ____C (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-11 11:28 - 2016-11-02 10:25 - 00496128 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-11 11:28 - 2016-11-02 10:24 - 00940032 ____C (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-11 11:28 - 2016-11-02 10:23 - 03106304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-11 11:28 - 2016-11-02 10:23 - 02104320 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-11 11:28 - 2016-11-02 10:23 - 00101888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-11 11:28 - 2016-11-02 10:23 - 00072704 ____C (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-11 11:28 - 2016-11-02 10:22 - 13441024 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-11 11:28 - 2016-11-02 10:22 - 13081600 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-11 11:28 - 2016-11-02 10:22 - 04749312 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-11 11:28 - 2016-11-02 10:22 - 00369664 ____C (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-11 11:28 - 2016-11-02 10:22 - 00337920 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-11 11:28 - 2016-11-02 10:21 - 05111296 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-11 11:28 - 2016-11-02 10:21 - 00942080 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-11 11:28 - 2016-11-02 10:20 - 02273792 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-11 11:28 - 2016-11-02 10:19 - 08127488 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-11 11:28 - 2016-11-02 10:19 - 08075776 ____C (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-11 11:28 - 2016-11-02 10:19 - 01586176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-11 11:28 - 2016-11-02 10:19 - 00981504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-11 11:28 - 2016-11-02 10:19 - 00805888 ____C (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-11 11:28 - 2016-11-02 10:19 - 00154112 ____C (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-11 11:28 - 2016-11-02 10:19 - 00130560 ____C (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-11 11:28 - 2016-11-02 10:19 - 00089088 ____C (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-11 11:28 - 2016-11-02 10:18 - 01690112 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-11 11:28 - 2016-11-02 10:18 - 00991232 ____C (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-11 11:28 - 2016-11-02 10:18 - 00836608 ____C (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-11 11:28 - 2016-11-02 10:18 - 00779776 ____C (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-11-11 11:28 - 2016-11-02 10:17 - 04746752 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-11 11:28 - 2016-11-02 10:17 - 01282048 ____C (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-11 11:28 - 2016-11-02 10:17 - 00982528 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-11 11:28 - 2016-11-02 10:17 - 00909824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-11 11:28 - 2016-11-02 10:17 - 00828416 ____C (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-11 11:28 - 2016-11-02 10:17 - 00389632 ____C (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 03400192 ____C (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 03133440 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 02688512 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 02669056 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 02512384 ____C (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 01779712 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 01637888 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 01359360 ____C (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 00881664 ____C (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 00770560 ____C (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 00629248 ____C (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 00579072 ____C (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 00308736 ____C (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-11 11:28 - 2016-11-02 10:15 - 04708864 ____C (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-11 11:28 - 2016-11-02 10:15 - 02611200 ____C (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-11 11:28 - 2016-11-02 10:15 - 01513472 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-11 11:28 - 2016-11-02 10:15 - 01348608 ____C (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-11 11:28 - 2016-11-02 10:15 - 00483328 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-11 11:28 - 2016-11-02 10:14 - 01726976 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-11 11:28 - 2016-11-02 10:13 - 03496960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-11 11:28 - 2016-11-02 10:13 - 03299840 ____C (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-11 11:28 - 2016-11-02 08:20 - 00446896 ____C C:\WINDOWS\system32\ApnDatabase.xml
2016-11-11 11:27 - 2016-11-02 11:20 - 00378720 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-11 11:27 - 2016-11-02 11:15 - 01051112 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-11 11:27 - 2016-11-02 11:15 - 00894096 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-11 11:27 - 2016-11-02 11:14 - 07816544 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-11 11:27 - 2016-11-02 11:13 - 01354320 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-11 11:27 - 2016-11-02 11:13 - 01173496 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-11 11:27 - 2016-11-02 11:05 - 20969928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-11 11:27 - 2016-11-02 11:04 - 02678056 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-11 11:27 - 2016-11-02 11:04 - 00596832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-11 11:27 - 2016-11-02 11:02 - 00848736 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-11 11:27 - 2016-11-02 11:02 - 00148832 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-11 11:27 - 2016-11-02 11:01 - 00092512 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-11 11:27 - 2016-11-02 11:00 - 04130432 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-11 11:27 - 2016-11-02 11:00 - 01061968 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-11 11:27 - 2016-11-02 10:56 - 01609920 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-11 11:27 - 2016-11-02 10:56 - 01572768 ____C (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-11 11:27 - 2016-11-02 10:56 - 01418312 ____C (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-11 11:27 - 2016-11-02 10:56 - 00628552 ____C (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-11 11:27 - 2016-11-02 10:56 - 00322912 ____C (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-11 11:27 - 2016-11-02 10:55 - 00048992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-11 11:27 - 2016-11-02 10:48 - 00081408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-11 11:27 - 2016-11-02 10:48 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-11 11:27 - 2016-11-02 10:47 - 00285184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-11 11:27 - 2016-11-02 10:47 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-11 11:27 - 2016-11-02 10:46 - 00140288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-11 11:27 - 2016-11-02 10:45 - 00492032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-11 11:27 - 2016-11-02 10:45 - 00253952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-11 11:27 - 2016-11-02 10:45 - 00182784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-11 11:27 - 2016-11-02 10:44 - 00231936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-11 11:27 - 2016-11-02 10:43 - 00731136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-11 11:27 - 2016-11-02 10:43 - 00198144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-11 11:27 - 2016-11-02 10:43 - 00126464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-11 11:27 - 2016-11-02 10:42 - 00866816 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-11 11:27 - 2016-11-02 10:42 - 00549376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-11 11:27 - 2016-11-02 10:42 - 00202752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-11 11:27 - 2016-11-02 10:41 - 00635904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-11 11:27 - 2016-11-02 10:40 - 00548352 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-11 11:27 - 2016-11-02 10:36 - 00063488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-11 11:27 - 2016-11-02 10:35 - 00336896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-11 11:27 - 2016-11-02 10:34 - 00327168 ____C (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-11 11:27 - 2016-11-02 10:33 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-11 11:27 - 2016-11-02 10:32 - 00045056 ____C (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-11 11:27 - 2016-11-02 10:31 - 00198656 ____C (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-11 11:27 - 2016-11-02 10:31 - 00170496 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-11 11:27 - 2016-11-02 10:31 - 00069632 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-11 11:27 - 2016-11-02 10:30 - 00635904 ____C (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-11 11:27 - 2016-11-02 10:30 - 00134144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-11 11:27 - 2016-11-02 10:29 - 00418304 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-11 11:27 - 2016-11-02 10:29 - 00276992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-11 11:27 - 2016-11-02 10:29 - 00211968 ____C (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-11 11:27 - 2016-11-02 10:29 - 00139264 ____C (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-11 11:27 - 2016-11-02 10:28 - 00748544 ____C (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-11 11:27 - 2016-11-02 10:28 - 00321024 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-11 11:27 - 2016-11-02 10:28 - 00260608 ____C (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-11 11:27 - 2016-11-02 10:28 - 00088576 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-11 11:27 - 2016-11-02 10:26 - 01880576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-11 11:27 - 2016-11-02 10:26 - 01595392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-11 11:27 - 2016-11-02 10:26 - 00798208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-11 11:27 - 2016-11-02 10:26 - 00273920 ____C (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-11 11:27 - 2016-11-02 10:25 - 02256384 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-11 11:27 - 2016-11-02 10:25 - 00772608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-11 11:27 - 2016-11-02 10:25 - 00541696 ____C (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-11 11:27 - 2016-11-02 10:24 - 03778560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-11 11:27 - 2016-11-02 10:23 - 02356736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-11 11:27 - 2016-11-02 10:23 - 00199680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-11 11:27 - 2016-11-02 10:20 - 00167936 ____C (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-11 11:27 - 2016-11-02 10:18 - 00243712 ____C (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-11 11:27 - 2016-11-02 10:16 - 04148736 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-11 11:27 - 2016-11-02 10:16 - 01490944 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-11 11:27 - 2016-11-02 10:16 - 00265728 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-11 11:27 - 2016-11-02 10:15 - 03616768 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-11 11:27 - 2016-11-02 10:15 - 00842240 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-11 11:27 - 2016-11-02 10:13 - 00322048 ____C (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-11 11:27 - 2016-11-02 09:11 - 00788624 ____C C:\WINDOWS\SysWOW64\locale.nls
2016-11-11 11:27 - 2016-11-02 09:11 - 00788624 ____C C:\WINDOWS\system32\locale.nls
2016-11-11 11:27 - 2016-08-02 04:30 - 00822784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-10 11:47 - 2016-11-12 10:37 - 00000000 ___DC C:\FRST
2016-11-09 18:19 - 2016-11-09 18:19 - 05383592 _____ (Gougelet Pierre-e ) C:\Users\Fraser Ross\Downloads\XnView-win.exe
2016-11-09 15:07 - 2016-11-09 15:07 - 00000000 ____D C:\WINDOWS\Panther
2016-11-08 17:34 - 2016-10-15 04:48 - 00498952 ____C (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-11-08 17:34 - 2016-10-15 04:37 - 00063328 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-11-08 17:34 - 2016-10-15 04:33 - 00455040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-11-08 17:34 - 2016-10-15 04:26 - 01990648 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-11-08 17:34 - 2016-10-15 04:26 - 01472536 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-11-08 17:34 - 2016-10-15 04:26 - 00811416 ____C (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-11-08 17:34 - 2016-10-15 04:26 - 00691080 ____C (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-11-08 17:34 - 2016-10-15 04:22 - 01461200 ____C (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-11-08 17:34 - 2016-10-15 04:18 - 00749920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-11-08 17:34 - 2016-10-15 04:15 - 01557808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-11-08 17:34 - 2016-10-15 04:01 - 01631232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-11-08 17:34 - 2016-10-15 03:57 - 00186880 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-11-08 17:34 - 2016-10-15 03:56 - 00095232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-11-08 17:34 - 2016-10-15 03:56 - 00081408 ____C (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-11-08 17:34 - 2016-10-15 03:55 - 00236544 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-11-08 17:34 - 2016-10-15 03:54 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-11-08 17:34 - 2016-10-15 03:53 - 00147456 ____C (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-11-08 17:34 - 2016-10-15 03:52 - 06285312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-11-08 17:34 - 2016-10-15 03:50 - 17188352 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-11-08 17:34 - 2016-10-15 03:50 - 00509440 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-11-08 17:34 - 2016-10-15 03:49 - 00187904 ____C (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-11-08 17:34 - 2016-10-15 03:48 - 01323008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-11-08 17:34 - 2016-10-15 03:47 - 01113600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-11-08 17:34 - 2016-10-15 03:47 - 00558080 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-11-08 17:34 - 2016-10-15 03:46 - 00471552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-11-08 17:34 - 2016-10-15 03:45 - 00406016 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-11-08 17:34 - 2016-10-15 03:44 - 00747008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-11-08 17:34 - 2016-10-15 03:44 - 00470016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-11-08 17:34 - 2016-10-15 03:43 - 00574976 ____C (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-11-08 17:34 - 2016-10-15 03:42 - 00539136 ____C (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-11-08 17:34 - 2016-10-15 03:42 - 00459776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-11-08 17:34 - 2016-10-15 03:41 - 00067584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-11-08 17:34 - 2016-10-15 03:38 - 01993216 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-11-08 17:34 - 2016-10-15 03:38 - 00913920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-11-08 17:34 - 2016-10-15 03:37 - 01643008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-11-08 17:34 - 2016-10-15 03:36 - 02290176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-11-08 17:34 - 2016-10-15 03:35 - 00701952 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-11-08 17:34 - 2016-10-15 03:31 - 00227328 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-11-08 17:34 - 2016-10-05 10:33 - 00128864 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-11-08 17:34 - 2016-10-05 10:31 - 02213248 ____C (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-11-08 17:34 - 2016-10-05 10:13 - 01859264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-11-08 17:34 - 2016-10-05 10:09 - 01071728 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-11-08 17:34 - 2016-10-05 10:09 - 00064352 ____C (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-11-08 17:34 - 2016-10-05 10:03 - 01705976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-11-08 17:34 - 2016-10-05 09:51 - 01430720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-11-08 17:34 - 2016-10-05 09:34 - 00144896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-11-08 17:34 - 2016-10-05 09:32 - 00379904 ____C (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-11-08 17:34 - 2016-10-05 09:25 - 01589248 ____C (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-11-08 17:34 - 2016-10-05 09:23 - 01908224 ____C (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-11-08 17:34 - 2016-10-05 09:23 - 00284672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-11-08 17:34 - 2016-10-05 09:23 - 00125952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-11-08 17:34 - 2016-10-05 09:18 - 01656832 ____C (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-11-08 17:34 - 2016-10-05 09:18 - 00983040 ____C (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-11-08 17:34 - 2016-10-05 09:18 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-11-08 17:34 - 2016-10-05 09:17 - 04136960 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-11-08 17:34 - 2016-10-05 09:16 - 00765440 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-11-08 17:34 - 2016-10-05 09:15 - 00774656 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-11-08 17:34 - 2016-10-05 09:14 - 01456640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-11-08 17:34 - 2016-10-05 09:13 - 01328128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-11-08 17:34 - 2016-10-05 09:13 - 00055808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-11-08 17:34 - 2016-10-05 09:12 - 00998912 ____C (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-11-08 17:34 - 2016-10-05 09:12 - 00924672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-11-08 17:34 - 2016-10-05 09:09 - 00691712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-11-08 17:34 - 2016-09-15 17:29 - 00823136 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2016-11-08 17:34 - 2016-09-15 17:29 - 00704352 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2016-11-08 17:34 - 2016-09-15 17:29 - 00603488 ____C (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-11-08 17:34 - 2016-09-15 17:29 - 00218008 ____C (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-11-08 17:34 - 2016-09-15 17:29 - 00169056 ____C (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-11-08 17:34 - 2016-09-15 17:29 - 00127328 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2016-11-08 17:34 - 2016-09-15 17:29 - 00074080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-11-08 17:34 - 2016-09-15 17:29 - 00023392 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-11-08 17:34 - 2016-09-15 17:27 - 00434528 ____C (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-11-08 17:34 - 2016-09-15 17:27 - 00128352 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-11-08 17:34 - 2016-09-15 17:25 - 02681200 ____C C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-08 17:34 - 2016-09-15 17:25 - 00280472 ____C (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-11-08 17:34 - 2016-09-15 17:25 - 00262960 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-11-08 17:34 - 2016-09-15 17:24 - 00764936 ____C (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-11-08 17:34 - 2016-09-15 17:22 - 05722320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-11-08 17:34 - 2016-09-15 17:22 - 00975744 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-11-08 17:34 - 2016-09-15 17:22 - 00860512 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-11-08 17:34 - 2016-09-15 17:21 - 01000288 ____C (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-11-08 17:34 - 2016-09-15 17:16 - 07219672 ____C (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-11-08 17:34 - 2016-09-15 17:16 - 01292640 ____C (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-11-08 17:34 - 2016-09-15 17:15 - 00223584 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-11-08 17:34 - 2016-09-15 17:14 - 00435040 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-11-08 17:34 - 2016-09-15 17:11 - 01300600 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-11-08 17:34 - 2016-09-15 17:11 - 00862064 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-11-08 17:34 - 2016-09-15 17:11 - 00725664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-11-08 17:34 - 2016-09-15 17:07 - 00128864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-11-08 17:34 - 2016-09-15 16:58 - 00248832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-11-08 17:34 - 2016-09-15 16:57 - 00374784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-11-08 17:34 - 2016-09-15 16:57 - 00237056 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-11-08 17:34 - 2016-09-15 16:56 - 00298496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-11-08 17:34 - 2016-09-15 16:56 - 00262656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-11-08 17:34 - 2016-09-15 16:56 - 00257536 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-11-08 17:34 - 2016-09-15 16:55 - 00455168 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-11-08 17:34 - 2016-09-15 16:55 - 00332288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-11-08 17:34 - 2016-09-15 16:55 - 00325120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-11-08 17:34 - 2016-09-15 16:55 - 00213504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-11-08 17:34 - 2016-09-15 16:55 - 00152064 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-11-08 17:34 - 2016-09-15 16:55 - 00114176 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-11-08 17:34 - 2016-09-15 16:54 - 00747520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-11-08 17:34 - 2016-09-15 16:54 - 00498688 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-11-08 17:34 - 2016-09-15 16:54 - 00431104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-11-08 17:34 - 2016-09-15 16:53 - 00340480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-11-08 17:34 - 2016-09-15 16:52 - 00285696 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-11-08 17:34 - 2016-09-15 16:51 - 00288256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-11-08 17:34 - 2016-09-15 16:49 - 00901120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-11-08 17:34 - 2016-09-15 16:49 - 00653312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-11-08 17:34 - 2016-09-15 16:47 - 00366080 ____C (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-11-08 17:34 - 2016-09-15 16:43 - 03520512 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-11-08 17:34 - 2016-09-15 16:42 - 00719872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-11-08 17:34 - 2016-09-15 16:42 - 00545792 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-11-08 17:34 - 2016-09-15 16:42 - 00049664 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-11-08 17:34 - 2016-09-15 16:41 - 00051200 ____C (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-11-08 17:34 - 2016-09-15 16:40 - 02026496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-11-08 17:34 - 2016-09-15 16:40 - 00395264 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-11-08 17:34 - 2016-09-15 16:40 - 00140800 ____C (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-11-08 17:34 - 2016-09-15 16:40 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-11-08 17:34 - 2016-09-15 16:39 - 02740224 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-11-08 17:34 - 2016-09-15 16:39 - 00827904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-11-08 17:34 - 2016-09-15 16:39 - 00408576 ____C (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-11-08 17:34 - 2016-09-15 16:39 - 00368640 ____C (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-11-08 17:34 - 2016-09-15 16:39 - 00295936 ____C (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-11-08 17:34 - 2016-09-15 16:38 - 00691200 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-11-08 17:34 - 2016-09-15 16:38 - 00671232 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-11-08 17:34 - 2016-09-15 16:38 - 00654336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-11-08 17:34 - 2016-09-15 16:38 - 00427008 ____C (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-11-08 17:34 - 2016-09-15 16:38 - 00349696 ____C (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-11-08 17:34 - 2016-09-15 16:38 - 00343552 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-11-08 17:34 - 2016-09-15 16:38 - 00171520 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-11-08 17:34 - 2016-09-15 16:37 - 01507840 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-11-08 17:34 - 2016-09-15 16:37 - 00680448 ____C (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-11-08 17:34 - 2016-09-15 16:37 - 00296448 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-11-08 17:34 - 2016-09-15 16:37 - 00171520 ____C (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-11-08 17:34 - 2016-09-15 16:36 - 00719360 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-11-08 17:34 - 2016-09-15 16:36 - 00686592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-11-08 17:34 - 2016-09-15 16:36 - 00640000 ____C (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-11-08 17:34 - 2016-09-15 16:36 - 00456192 ____C (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-11-08 17:34 - 2016-09-15 16:36 - 00448512 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-11-08 17:34 - 2016-09-15 16:36 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-11-08 17:34 - 2016-09-15 16:36 - 00324608 ____C (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-11-08 17:34 - 2016-09-15 16:35 - 00496128 ____C (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-11-08 17:34 - 2016-09-15 16:35 - 00337408 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-11-08 17:34 - 2016-09-15 16:35 - 00305152 ____C (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-11-08 17:34 - 2016-09-15 16:34 - 00642048 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-11-08 17:34 - 2016-09-15 16:34 - 00441856 ____C (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-11-08 17:34 - 2016-09-15 16:33 - 01004032 ____C (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-11-08 17:34 - 2016-09-15 16:33 - 00963584 ____C (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-11-08 17:34 - 2016-09-15 16:32 - 01037312 ____C (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-11-08 17:34 - 2016-09-15 16:31 - 00090624 ____C (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-11-08 17:34 - 2016-09-15 16:30 - 01639424 ____C (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-11-08 17:34 - 2016-09-15 16:30 - 01403392 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-11-08 17:34 - 2016-09-15 16:29 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-11-08 17:34 - 2016-09-15 16:27 - 01078784 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-11-08 17:34 - 2016-09-15 16:27 - 00796672 ____C (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-11-08 17:34 - 2016-09-15 16:27 - 00627200 ____C (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-11-08 17:34 - 2016-09-15 16:26 - 00279552 ____C (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-11-08 17:34 - 2016-09-15 16:25 - 01217024 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-11-08 17:34 - 2016-09-15 16:25 - 00411648 ____C (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-11-08 17:34 - 2016-09-15 16:24 - 04596224 ____C (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-11-08 17:34 - 2016-09-15 16:23 - 01361408 ____C (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-11-08 17:34 - 2016-09-15 16:23 - 01040896 ____C (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-11-08 17:34 - 2016-09-15 16:23 - 00650752 ____C (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-11-08 17:34 - 2016-09-15 16:23 - 00611328 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-11-08 17:34 - 2016-09-15 16:23 - 00347648 ____C (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-11-08 17:34 - 2016-09-15 16:20 - 02095616 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-11-08 17:34 - 2016-09-15 16:19 - 01424896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-11-08 17:34 - 2016-09-15 16:18 - 01369088 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-11-08 17:34 - 2016-09-10 13:21 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-11-08 17:34 - 2016-09-07 05:48 - 00379744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-11-08 17:34 - 2016-09-07 05:44 - 02049480 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-11-08 17:34 - 2016-09-07 05:33 - 00450392 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-11-08 17:34 - 2016-09-07 05:29 - 00595488 ____C (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-11-08 17:34 - 2016-09-07 05:29 - 00523712 ____C (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-11-08 17:34 - 2016-09-07 05:27 - 01362504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-11-08 17:34 - 2016-09-07 05:13 - 00640976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-11-08 17:34 - 2016-09-07 05:12 - 00321792 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-11-08 17:34 - 2016-09-07 04:58 - 00208896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-11-08 17:34 - 2016-09-07 04:56 - 00223744 ____C (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-11-08 17:34 - 2016-09-07 04:55 - 00781824 ____C (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-11-08 17:34 - 2016-09-07 04:54 - 00678912 ____C (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-11-08 17:34 - 2016-09-07 04:54 - 00468992 ____C (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-11-08 17:34 - 2016-09-07 04:54 - 00461312 ____C (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-11-08 17:34 - 2016-09-07 04:50 - 01755136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-11-08 17:34 - 2016-09-07 04:46 - 00846336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-11-08 17:34 - 2016-09-07 04:46 - 00755200 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-11-08 17:34 - 2016-09-07 04:41 - 01891328 ____C (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-11-08 17:34 - 2016-09-07 04:40 - 01312768 ____C (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-11-08 17:34 - 2016-09-07 04:38 - 01555456 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-11-08 17:34 - 2016-09-07 04:37 - 02370048 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-11-08 17:34 - 2016-09-07 04:37 - 00540160 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-11-08 17:34 - 2016-09-07 04:33 - 00058368 ____C (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-11-08 17:34 - 2016-09-07 04:31 - 01293312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-11-08 17:34 - 2016-08-27 05:12 - 00244816 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-11-08 17:34 - 2016-08-20 06:06 - 00108384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-11-08 17:34 - 2016-08-20 05:20 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-11-08 17:34 - 2016-08-20 05:17 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-11-08 17:34 - 2016-08-20 05:11 - 00410624 ____C (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-11-08 17:34 - 2016-08-20 05:08 - 00204288 ____C (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-11-08 17:34 - 2016-08-20 05:06 - 00389632 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-11-08 17:34 - 2016-08-06 04:13 - 01847048 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-11-08 17:34 - 2016-08-06 04:13 - 01453992 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-11-08 17:34 - 2016-08-06 04:13 - 00044472 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-11-08 17:34 - 2016-08-06 04:08 - 00313560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-11-08 17:34 - 2016-08-06 03:48 - 00015360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-11-08 17:34 - 2016-08-06 03:47 - 00034304 ____C (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-11-08 17:34 - 2016-08-06 03:45 - 00066560 ____C (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-11-08 17:34 - 2016-08-06 03:45 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-11-08 17:34 - 2016-08-06 03:45 - 00029696 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-11-08 17:34 - 2016-08-06 03:45 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-11-08 17:34 - 2016-08-06 03:44 - 00061440 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-11-08 17:34 - 2016-08-06 03:43 - 00280064 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-11-08 17:34 - 2016-08-06 03:41 - 00243712 ____C (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-11-08 17:34 - 2016-08-06 03:41 - 00231424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-11-08 17:34 - 2016-08-06 03:40 - 00083968 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-11-08 17:34 - 2016-08-06 03:39 - 00181760 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-11-08 17:34 - 2016-08-06 03:37 - 00253952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-11-08 17:34 - 2016-08-06 03:35 - 00471552 ____C (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-11-08 17:34 - 2016-08-02 08:44 - 00114192 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-11-08 17:34 - 2016-08-02 08:14 - 00289792 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-11-08 17:33 - 2016-10-15 04:51 - 02186896 ____C (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-11-08 17:33 - 2016-10-15 04:51 - 01637728 ____C (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-11-08 17:33 - 2016-10-15 04:51 - 01235296 ____C (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-11-08 17:33 - 2016-10-15 04:51 - 00595296 ____C (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-11-08 17:33 - 2016-10-15 04:51 - 00584032 ____C (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-11-08 17:33 - 2016-10-15 04:51 - 00322912 ____C (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-11-08 17:33 - 2016-10-15 04:51 - 00232800 ____C (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-11-08 17:33 - 2016-10-15 04:51 - 00137568 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-11-08 17:33 - 2016-10-15 04:51 - 00078688 ____C (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-11-08 17:33 - 2016-10-15 04:43 - 01356352 ____C (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-11-08 17:33 - 2016-10-15 04:41 - 05622088 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-11-08 17:33 - 2016-10-15 04:38 - 00500064 ____C (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-11-08 17:33 - 2016-10-15 04:34 - 01969912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-11-08 17:33 - 2016-10-15 04:31 - 02827864 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-11-08 17:33 - 2016-10-15 04:30 - 00509280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-11-08 17:33 - 2016-10-15 04:30 - 00341936 ____C (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-11-08 17:33 - 2016-10-15 04:29 - 02913104 ____C (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-11-08 17:33 - 2016-10-15 04:29 - 00908640 ____C (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-11-08 17:33 - 2016-10-15 04:29 - 00079200 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-11-08 17:33 - 2016-10-15 04:26 - 01600632 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-11-08 17:33 - 2016-10-15 04:21 - 00292872 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-11-08 17:33 - 2016-10-15 04:10 - 00254656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-11-08 17:33 - 2016-10-15 04:06 - 05685760 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-11-08 17:33 - 2016-10-15 04:05 - 07216640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-11-08 17:33 - 2016-10-15 04:00 - 01631232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-11-08 17:33 - 2016-10-15 04:00 - 00048640 ____C (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-11-08 17:33 - 2016-10-15 04:00 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-11-08 17:33 - 2016-10-15 03:59 - 00272384 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-11-08 17:33 - 2016-10-15 03:59 - 00187904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-11-08 17:33 - 2016-10-15 03:59 - 00130560 ____C (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-11-08 17:33 - 2016-10-15 03:58 - 00258560 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-11-08 17:33 - 2016-10-15 03:57 - 00217600 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-11-08 17:33 - 2016-10-15 03:57 - 00175104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-11-08 17:33 - 2016-10-15 03:56 - 00339968 ____C (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-11-08 17:33 - 2016-10-15 03:56 - 00306688 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-11-08 17:33 - 2016-10-15 03:56 - 00065024 ____C (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-11-08 17:33 - 2016-10-15 03:55 - 00126464 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-11-08 17:33 - 2016-10-15 03:54 - 00717312 ____C (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-11-08 17:33 - 2016-10-15 03:54 - 00217088 ____C (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-11-08 17:33 - 2016-10-15 03:54 - 00102912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-11-08 17:33 - 2016-10-15 03:52 - 00163328 ____C (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-11-08 17:33 - 2016-10-15 03:51 - 13868544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-11-08 17:33 - 2016-10-15 03:50 - 02716672 ____C (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-11-08 17:33 - 2016-10-15 03:50 - 00090112 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-11-08 17:33 - 2016-10-15 03:50 - 00074752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-11-08 17:33 - 2016-10-15 03:49 - 01913344 ____C (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-11-08 17:33 - 2016-10-15 03:49 - 00838144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-11-08 17:33 - 2016-10-15 03:49 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-11-08 17:33 - 2016-10-15 03:48 - 01554944 ____C (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-11-08 17:33 - 2016-10-15 03:48 - 01054208 ____C (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-11-08 17:33 - 2016-10-15 03:47 - 07792640 ____C (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-11-08 17:33 - 2016-10-15 03:46 - 03287552 ____C (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-11-08 17:33 - 2016-10-15 03:44 - 00090112 ____C (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-11-08 17:33 - 2016-10-15 03:43 - 02748928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-11-08 17:33 - 2016-10-15 03:43 - 00078336 ____C (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-11-08 17:33 - 2016-10-15 03:42 - 06108672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-11-08 17:33 - 2016-10-15 03:41 - 07654912 ____C (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-11-08 17:33 - 2016-10-15 03:41 - 05376000 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-11-08 17:33 - 2016-10-15 03:39 - 00869888 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-11-08 17:33 - 2016-10-15 03:39 - 00357376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-11-08 17:33 - 2016-10-15 03:38 - 00675840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-11-08 17:33 - 2016-10-15 03:37 - 01980416 ____C (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-11-08 17:33 - 2016-10-15 03:37 - 00715264 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-11-08 17:33 - 2016-10-15 03:37 - 00093184 ____C (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-11-08 17:33 - 2016-10-15 03:36 - 00792064 ____C (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-11-08 17:33 - 2016-10-15 03:36 - 00542208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-11-08 17:33 - 2016-10-15 03:36 - 00347136 ____C (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-11-08 17:33 - 2016-10-15 03:36 - 00338944 ____C (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-11-08 17:33 - 2016-10-15 03:36 - 00081408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-11-08 17:33 - 2016-10-15 03:35 - 03054080 ____C (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-11-08 17:33 - 2016-10-15 03:35 - 02708992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-11-08 17:33 - 2016-10-15 03:35 - 02315264 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-11-08 17:33 - 2016-10-15 03:35 - 00760832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-11-08 17:33 - 2016-10-15 03:35 - 00391168 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-11-08 17:33 - 2016-10-05 10:17 - 01322848 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-11-08 17:33 - 2016-10-05 10:12 - 02446696 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-11-08 17:33 - 2016-10-05 09:38 - 00237568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-11-08 17:33 - 2016-10-05 09:36 - 00073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-11-08 17:33 - 2016-10-05 09:35 - 00352768 ____C (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-11-08 17:33 - 2016-10-05 09:35 - 00122880 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-11-08 17:33 - 2016-10-05 09:33 - 00651264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-11-08 17:33 - 2016-10-05 09:33 - 00268800 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-11-08 17:33 - 2016-10-05 09:32 - 00223744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-11-08 17:33 - 2016-10-05 09:31 - 00561664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-11-08 17:33 - 2016-10-05 09:31 - 00425472 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-11-08 17:33 - 2016-10-05 09:31 - 00176128 ____C (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-11-08 17:33 - 2016-10-05 09:30 - 00396800 ____C (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-11-08 17:33 - 2016-10-05 09:29 - 00368640 ____C (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-11-08 17:33 - 2016-10-05 09:28 - 03059200 ____C (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-11-08 17:33 - 2016-10-05 09:28 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-11-08 17:33 - 2016-10-05 09:28 - 00123904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-11-08 17:33 - 2016-10-05 09:27 - 00945664 ____C (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-11-08 17:33 - 2016-10-05 09:26 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-11-08 17:33 - 2016-10-05 09:26 - 00137216 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-11-08 17:33 - 2016-10-05 09:26 - 00088576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-11-08 17:33 - 2016-10-05 09:25 - 00404992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-11-08 17:33 - 2016-10-05 09:25 - 00117760 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-11-08 17:33 - 2016-10-05 09:23 - 00431616 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-11-08 17:33 - 2016-10-05 09:23 - 00426496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-11-08 17:33 - 2016-10-05 09:23 - 00187904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-11-08 17:33 - 2016-10-05 09:22 - 00073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-11-08 17:33 - 2016-10-05 09:20 - 00936960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-11-08 17:33 - 2016-10-05 09:20 - 00661504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-11-08 17:33 - 2016-10-05 09:17 - 02914304 ____C (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-11-08 17:33 - 2016-10-05 09:17 - 00089088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-11-08 17:33 - 2016-10-05 09:16 - 06664192 ____C (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-11-08 17:33 - 2016-10-05 09:15 - 02800128 ____C (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-11-08 17:33 - 2016-10-05 09:15 - 00833024 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-11-08 17:33 - 2016-10-05 09:12 - 01107456 ____C (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-11-08 17:33 - 2016-10-05 09:09 - 03369984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-11-08 17:33 - 2016-10-05 09:08 - 00598528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-11-08 17:33 - 2016-10-05 09:07 - 02682880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-11-08 17:33 - 2016-10-05 09:07 - 00589312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-11-08 17:33 - 2016-10-05 09:06 - 01013248 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-11-08 17:33 - 2016-10-05 09:05 - 00751104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-11-08 17:33 - 2016-09-15 17:33 - 00083120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-11-08 17:33 - 2016-09-15 17:32 - 02048496 ____C C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-11-08 17:33 - 2016-09-15 17:30 - 00354264 ____C (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-11-08 17:33 - 2016-09-15 17:29 - 01117024 ____C (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-11-08 17:33 - 2016-09-15 17:29 - 00512416 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-11-08 17:33 - 2016-09-15 17:26 - 00090400 ____C (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-11-08 17:33 - 2016-09-15 17:18 - 00328008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-11-08 17:33 - 2016-09-15 17:16 - 00527808 ____C (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-11-08 17:33 - 2016-09-15 17:15 - 00649568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-11-08 17:33 - 2016-09-15 17:14 - 01100128 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-11-08 17:33 - 2016-09-15 17:14 - 00988512 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-11-08 17:33 - 2016-09-15 17:14 - 00947552 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-11-08 17:33 - 2016-09-15 17:13 - 00113504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-11-08 17:33 - 2016-09-15 17:06 - 00387872 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-11-08 17:33 - 2016-09-15 17:03 - 00067584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-11-08 17:33 - 2016-09-15 17:03 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-11-08 17:33 - 2016-09-15 17:01 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-11-08 17:33 - 2016-09-15 17:00 - 00518656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-11-08 17:33 - 2016-09-15 17:00 - 00138240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-11-08 17:33 - 2016-09-15 16:58 - 00203776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-11-08 17:33 - 2016-09-15 16:58 - 00129024 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-11-08 17:33 - 2016-09-15 16:58 - 00059904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-11-08 17:33 - 2016-09-15 16:56 - 01300480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-11-08 17:33 - 2016-09-15 16:56 - 00670208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-11-08 17:33 - 2016-09-15 16:56 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-11-08 17:33 - 2016-09-15 16:55 - 01243136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-11-08 17:33 - 2016-09-15 16:55 - 00575488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-11-08 17:33 - 2016-09-15 16:55 - 00562176 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-11-08 17:33 - 2016-09-15 16:55 - 00386048 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-11-08 17:33 - 2016-09-15 16:55 - 00185856 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-11-08 17:33 - 2016-09-15 16:55 - 00175616 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-11-08 17:33 - 2016-09-15 16:54 - 00391168 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-11-08 17:33 - 2016-09-15 16:53 - 00466432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-11-08 17:33 - 2016-09-15 16:53 - 00314368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-11-08 17:33 - 2016-09-15 16:53 - 00284672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-11-08 17:33 - 2016-09-15 16:52 - 00445952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-11-08 17:33 - 2016-09-15 16:52 - 00238080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-11-08 17:33 - 2016-09-15 16:47 - 00355328 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-11-08 17:33 - 2016-09-15 16:47 - 00134656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-11-08 17:33 - 2016-09-15 16:46 - 00713216 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-11-08 17:33 - 2016-09-15 16:45 - 02642944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-11-08 17:33 - 2016-09-15 16:45 - 00248832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-11-08 17:33 - 2016-09-15 16:44 - 02153984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-11-08 17:33 - 2016-09-15 16:44 - 00209920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-11-08 17:33 - 2016-09-15 16:43 - 00433664 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-11-08 17:33 - 2016-09-15 16:43 - 00036864 ____C (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-11-08 17:33 - 2016-09-15 16:43 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-11-08 17:33 - 2016-09-15 16:42 - 00492544 ____C (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-11-08 17:33 - 2016-09-15 16:42 - 00123904 ____C (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-11-08 17:33 - 2016-09-15 16:41 - 00259072 ____C (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-11-08 17:33 - 2016-09-15 16:41 - 00185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-11-08 17:33 - 2016-09-15 16:41 - 00156160 ____C (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-11-08 17:33 - 2016-09-15 16:41 - 00108032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-11-08 17:33 - 2016-09-15 16:41 - 00090624 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-11-08 17:33 - 2016-09-15 16:40 - 02138112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-11-08 17:33 - 2016-09-15 16:40 - 01988096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-11-08 17:33 - 2016-09-15 16:40 - 01656320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-11-08 17:33 - 2016-09-15 16:40 - 00348160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-11-08 17:33 - 2016-09-15 16:39 - 01004544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-11-08 17:33 - 2016-09-15 16:39 - 00418304 ____C C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-11-08 17:33 - 2016-09-15 16:38 - 00773120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-11-08 17:33 - 2016-09-15 16:38 - 00730112 ____C (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-11-08 17:33 - 2016-09-15 16:38 - 00620544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-11-08 17:33 - 2016-09-15 16:38 - 00573952 ____C (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-11-08 17:33 - 2016-09-15 16:38 - 00505856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-11-08 17:33 - 2016-09-15 16:38 - 00243712 ____C (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-11-08 17:33 - 2016-09-15 16:38 - 00208896 ____C (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-11-08 17:33 - 2016-09-15 16:38 - 00205824 ____C (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-11-08 17:33 - 2016-09-15 16:38 - 00125952 ____C (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-11-08 17:33 - 2016-09-15 16:37 - 00912384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-11-08 17:33 - 2016-09-15 16:37 - 00390144 ____C (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-11-08 17:33 - 2016-09-15 16:36 - 00407552 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-11-08 17:33 - 2016-09-15 16:36 - 00358912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-11-08 17:33 - 2016-09-15 16:36 - 00349184 ____C (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-11-08 17:33 - 2016-09-15 16:36 - 00310784 ____C (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-11-08 17:33 - 2016-09-15 16:36 - 00216576 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-11-08 17:33 - 2016-09-15 16:36 - 00125952 ____C (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-11-08 17:33 - 2016-09-15 16:35 - 01087488 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-11-08 17:33 - 2016-09-15 16:35 - 01013248 ____C (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-11-08 17:33 - 2016-09-15 16:35 - 00280064 ____C (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-11-08 17:33 - 2016-09-15 16:35 - 00252416 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-11-08 17:33 - 2016-09-15 16:35 - 00168960 ____C (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-11-08 17:33 - 2016-09-15 16:34 - 00424960 ____C (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-11-08 17:33 - 2016-09-15 16:33 - 03753984 ____C (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-11-08 17:33 - 2016-09-15 16:33 - 00560128 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-11-08 17:33 - 2016-09-15 16:33 - 00512000 ____C (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-11-08 17:33 - 2016-09-15 16:30 - 00713216 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-11-08 17:33 - 2016-09-15 16:30 - 00458752 ____C (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-11-08 17:33 - 2016-09-15 16:30 - 00175616 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-11-08 17:33 - 2016-09-15 16:30 - 00169984 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-11-08 17:33 - 2016-09-15 16:30 - 00104960 ____C (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-11-08 17:33 - 2016-09-15 16:29 - 01105408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-11-08 17:33 - 2016-09-15 16:29 - 01082368 ____C (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-11-08 17:33 - 2016-09-15 16:29 - 00715264 ____C (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-11-08 17:33 - 2016-09-15 16:29 - 00329728 ____C (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-11-08 17:33 - 2016-09-15 16:28 - 00442368 ____C (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-11-08 17:33 - 2016-09-15 16:27 - 02860032 ____C (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-11-08 17:33 - 2016-09-15 16:27 - 00582656 ____C (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-11-08 17:33 - 2016-09-15 16:27 - 00250368 ____C (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-11-08 17:33 - 2016-09-15 16:27 - 00070656 ____C (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-11-08 17:33 - 2016-09-15 16:26 - 00374784 ____C (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-11-08 17:33 - 2016-09-15 16:26 - 00361472 ____C (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2016-11-08 17:33 - 2016-09-15 16:26 - 00112128 ____C (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-11-08 17:33 - 2016-09-15 16:25 - 00947200 ____C (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-11-08 17:33 - 2016-09-15 16:25 - 00628736 ____C (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-11-08 17:33 - 2016-09-15 16:25 - 00130560 ____C (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-11-08 17:33 - 2016-09-15 16:24 - 00800768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-11-08 17:33 - 2016-09-15 16:24 - 00538624 ____C (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-11-08 17:33 - 2016-09-15 16:23 - 03405824 ____C (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-11-08 17:33 - 2016-09-15 16:23 - 01020928 ____C (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-11-08 17:33 - 2016-09-15 16:22 - 05611008 ____C (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-11-08 17:33 - 2016-09-15 16:22 - 01709056 ____C (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-11-08 17:33 - 2016-09-15 16:22 - 00960000 ____C (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-11-08 17:33 - 2016-09-15 16:22 - 00857600 ____C (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-11-08 17:33 - 2016-09-15 16:22 - 00376832 ____C (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-11-08 17:33 - 2016-09-15 16:21 - 02538496 ____C (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-11-08 17:33 - 2016-09-15 16:21 - 02208768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-11-08 17:33 - 2016-09-15 16:21 - 00971264 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-11-08 17:33 - 2016-09-15 16:20 - 01710080 ____C (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-11-08 17:33 - 2016-09-15 16:20 - 01275392 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-11-08 17:33 - 2016-09-15 16:20 - 01266176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-11-08 17:33 - 2016-09-15 16:20 - 00875520 ____C (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-11-08 17:33 - 2016-09-15 16:19 - 01130496 ____C (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-11-08 17:33 - 2016-09-15 16:19 - 00903680 ____C (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-11-08 17:33 - 2016-09-15 16:19 - 00730112 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-11-08 17:33 - 2016-09-15 16:18 - 00455168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-11-08 17:33 - 2016-09-15 16:17 - 00180224 ____C (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-11-08 17:33 - 2016-09-15 16:16 - 01817088 ____C (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-11-08 17:33 - 2016-09-15 16:16 - 00035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-11-08 17:33 - 2016-09-07 05:53 - 02481768 ____C (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-11-08 17:33 - 2016-09-07 05:34 - 00857440 ____C (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-11-08 17:33 - 2016-09-07 05:33 - 00681304 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-11-08 17:33 - 2016-09-07 05:29 - 00118112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-11-08 17:33 - 2016-09-07 05:17 - 00782176 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-11-08 17:33 - 2016-09-07 05:13 - 00529928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-11-08 17:33 - 2016-09-07 05:02 - 00002560 ____C (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-11-08 17:33 - 2016-09-07 05:02 - 00002560 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-11-08 17:33 - 2016-09-07 05:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-11-08 17:33 - 2016-09-07 05:00 - 00009216 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-11-08 17:33 - 2016-09-07 04:59 - 00409088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-11-08 17:33 - 2016-09-07 04:59 - 00110080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-11-08 17:33 - 2016-09-07 04:59 - 00002560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-11-08 17:33 - 2016-09-07 04:58 - 00133632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-11-08 17:33 - 2016-09-07 04:58 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-11-08 17:33 - 2016-09-07 04:56 - 00349184 ____C (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-11-08 17:33 - 2016-09-07 04:56 - 00116224 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-11-08 17:33 - 2016-09-07 04:55 - 06574592 ____C (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-11-08 17:33 - 2016-09-07 04:55 - 00070656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-11-08 17:33 - 2016-09-07 04:54 - 00057344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-11-08 17:33 - 2016-09-07 04:53 - 00091648 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-11-08 17:33 - 2016-09-07 04:52 - 00536576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-11-08 17:33 - 2016-09-07 04:52 - 00331264 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-11-08 17:33 - 2016-09-07 04:52 - 00289280 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-11-08 17:33 - 2016-09-07 04:52 - 00243712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-11-08 17:33 - 2016-09-07 04:52 - 00104448 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-11-08 17:33 - 2016-09-07 04:50 - 00282624 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-11-08 17:33 - 2016-09-07 04:50 - 00235008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-11-08 17:33 - 2016-09-07 04:49 - 00409088 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-11-08 17:33 - 2016-09-07 04:47 - 00197120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-11-08 17:33 - 2016-09-07 04:46 - 00575488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-11-08 17:33 - 2016-09-07 04:46 - 00295424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-11-08 17:33 - 2016-09-07 04:45 - 00248320 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-11-08 17:33 - 2016-09-07 04:41 - 05511680 ____C (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-11-08 17:33 - 2016-09-07 04:39 - 05384192 ____C (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-11-08 17:33 - 2016-09-07 04:39 - 03116544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-11-08 17:33 - 2016-09-07 04:37 - 01062912 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-11-08 17:33 - 2016-09-07 04:36 - 02423296 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-11-08 17:33 - 2016-09-07 04:36 - 02360832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-11-08 17:33 - 2016-09-07 04:35 - 02107392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-11-08 17:33 - 2016-09-07 04:35 - 00650240 ____C (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-11-08 17:33 - 2016-09-07 04:34 - 00860672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-11-08 17:33 - 2016-09-07 04:34 - 00444416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-11-08 17:33 - 2016-08-27 04:44 - 00027136 ____C (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-11-08 17:33 - 2016-08-27 04:43 - 00022528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-11-08 17:33 - 2016-08-20 05:22 - 00028672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-11-08 17:33 - 2016-08-20 05:21 - 00227840 ____C (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-11-08 17:33 - 2016-08-20 05:21 - 00061952 ____C (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-11-08 17:33 - 2016-08-20 05:21 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-11-08 17:33 - 2016-08-20 05:20 - 00119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-11-08 17:33 - 2016-08-20 05:20 - 00085504 ____C (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-11-08 17:33 - 2016-08-20 05:20 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-11-08 17:33 - 2016-08-20 05:20 - 00017408 ____C (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-11-08 17:33 - 2016-08-20 05:19 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-11-08 17:33 - 2016-08-20 05:19 - 00083968 ____C (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-11-08 17:33 - 2016-08-20 05:18 - 00200704 ____C (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-11-08 17:33 - 2016-08-20 05:18 - 00066048 ____C (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-11-08 17:33 - 2016-08-20 05:17 - 00235008 ____C (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-11-08 17:33 - 2016-08-20 05:15 - 00295424 ____C (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-11-08 17:33 - 2016-08-20 05:14 - 00225280 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-11-08 17:33 - 2016-08-20 05:14 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-11-08 17:33 - 2016-08-20 05:14 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-11-08 17:33 - 2016-08-20 05:14 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-11-08 17:33 - 2016-08-20 05:06 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-11-08 17:33 - 2016-08-20 05:04 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-11-08 17:33 - 2016-08-20 04:58 - 00020480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-11-08 17:33 - 2016-08-20 04:56 - 00020992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-11-08 17:33 - 2016-08-19 01:33 - 00162850 ____C C:\WINDOWS\system32\C_932.NLS
2016-11-08 17:33 - 2016-08-06 04:31 - 00041824 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-11-08 17:33 - 2016-08-06 04:29 - 00199008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-11-08 17:33 - 2016-08-06 04:18 - 00396168 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-11-08 17:33 - 2016-08-06 04:16 - 00026408 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-11-08 17:33 - 2016-08-06 03:48 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-11-08 17:33 - 2016-08-06 03:48 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-11-08 17:33 - 2016-08-06 03:48 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-11-08 17:33 - 2016-08-06 03:48 - 00010752 ____C (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-11-08 17:33 - 2016-08-06 03:48 - 00009216 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-11-08 17:33 - 2016-08-06 03:48 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-11-08 17:33 - 2016-08-06 03:48 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-11-08 17:33 - 2016-08-06 03:47 - 00027648 ____C (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-11-08 17:33 - 2016-08-06 03:47 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-11-08 17:33 - 2016-08-06 03:47 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-11-08 17:33 - 2016-08-06 03:46 - 09260032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-11-08 17:33 - 2016-08-06 03:46 - 09260032 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-11-08 17:33 - 2016-08-06 03:46 - 00057344 ____C (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-11-08 17:33 - 2016-08-06 03:46 - 00047104 ____C (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-11-08 17:33 - 2016-08-06 03:45 - 00226304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-11-08 17:33 - 2016-08-06 03:45 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-11-08 17:33 - 2016-08-06 03:43 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-11-08 17:33 - 2016-08-06 03:41 - 00462336 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-11-08 17:33 - 2016-08-06 03:41 - 00412160 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-11-08 17:33 - 2016-08-06 03:41 - 00068096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-11-08 17:33 - 2016-08-06 03:40 - 00234496 ____C (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-11-08 17:33 - 2016-08-06 03:39 - 00298496 ____C (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-11-08 17:33 - 2016-08-06 03:39 - 00295424 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-11-08 17:33 - 2016-08-06 03:38 - 00320000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-11-08 17:33 - 2016-08-06 03:34 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-11-08 17:33 - 2016-08-06 03:33 - 00020992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-11-08 17:33 - 2016-08-06 03:23 - 00520192 ____C (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-11-08 17:33 - 2016-08-05 08:29 - 00568832 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-11-08 17:33 - 2016-08-05 08:29 - 00019968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-11-08 17:33 - 2016-08-02 04:47 - 00079536 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-11-08 17:33 - 2016-07-22 01:25 - 00389000 ____C (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-11-08 17:32 - 2016-10-15 04:51 - 00283488 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-11-08 17:32 - 2016-10-15 04:38 - 00409952 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-11-08 17:32 - 2016-10-15 04:31 - 02190688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-11-08 17:32 - 2016-10-15 04:31 - 00658272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-11-08 17:32 - 2016-10-15 04:31 - 00402272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-11-08 17:32 - 2016-10-15 04:30 - 01851696 ____C (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-11-08 17:32 - 2016-10-15 04:30 - 00557408 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-11-08 17:32 - 2016-10-15 04:29 - 01267504 ____C (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-11-08 17:32 - 2016-10-15 04:29 - 00335712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-11-08 17:32 - 2016-10-15 04:26 - 01694712 ____C (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-11-08 17:32 - 2016-10-15 04:26 - 00160096 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-11-08 17:32 - 2016-10-15 04:25 - 00882680 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-11-08 17:32 - 2016-10-15 04:25 - 00742704 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-11-08 17:32 - 2016-10-15 04:21 - 02537824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-11-08 17:32 - 2016-10-15 04:21 - 01100128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-11-08 17:32 - 2016-10-15 04:21 - 00584032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-11-08 17:32 - 2016-10-15 04:20 - 02276736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-11-08 17:32 - 2016-10-15 04:19 - 00272720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-11-08 17:32 - 2016-10-15 04:18 - 02166232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-11-08 17:32 - 2016-10-15 04:18 - 01556712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-11-08 17:32 - 2016-10-15 04:18 - 00846560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-11-08 17:32 - 2016-10-15 04:15 - 01853776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-11-08 17:32 - 2016-10-15 04:15 - 01123368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-11-08 17:32 - 2016-10-15 04:15 - 00687936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-11-08 17:32 - 2016-10-15 04:11 - 01435896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-11-08 17:32 - 2016-10-15 04:00 - 00323584 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-11-08 17:32 - 2016-10-15 03:59 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-11-08 17:32 - 2016-10-15 03:57 - 00039424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-11-08 17:32 - 2016-10-15 03:56 - 00327680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-11-08 17:32 - 2016-10-15 03:56 - 00227328 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-11-08 17:32 - 2016-10-15 03:56 - 00219648 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-11-08 17:32 - 2016-10-15 03:56 - 00193536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-11-08 17:32 - 2016-10-15 03:56 - 00120832 ____C (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-11-08 17:32 - 2016-10-15 03:56 - 00098816 ____C (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-11-08 17:32 - 2016-10-15 03:55 - 00329216 ____C (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-11-08 17:32 - 2016-10-15 03:55 - 00265728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-11-08 17:32 - 2016-10-15 03:55 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\hidclass.sys
2016-11-08 17:32 - 2016-10-15 03:55 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-11-08 17:32 - 2016-10-15 03:55 - 00142336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-11-08 17:32 - 2016-10-15 03:54 - 00463872 ____C (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-11-08 17:32 - 2016-10-15 03:54 - 00410112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-11-08 17:32 - 2016-10-15 03:54 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-11-08 17:32 - 2016-10-15 03:54 - 00152064 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-11-08 17:32 - 2016-10-15 03:53 - 00313856 ____C (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-11-08 17:32 - 2016-10-15 03:52 - 00523776 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-11-08 17:32 - 2016-10-15 03:52 - 00410624 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-11-08 17:32 - 2016-10-15 03:52 - 00339456 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-11-08 17:32 - 2016-10-15 03:52 - 00288256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-11-08 17:32 - 2016-10-15 03:51 - 00429568 ____C (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-11-08 17:32 - 2016-10-15 03:51 - 00226304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-11-08 17:32 - 2016-10-15 03:50 - 02333184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-11-08 17:32 - 2016-10-15 03:50 - 00438784 ____C (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-11-08 17:32 - 2016-10-15 03:50 - 00310272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-11-08 17:32 - 2016-10-15 03:49 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-11-08 17:32 - 2016-10-15 03:49 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-11-08 17:32 - 2016-10-15 03:47 - 04612608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-11-08 17:32 - 2016-10-15 03:47 - 00720896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-11-08 17:32 - 2016-10-15 03:46 - 00718848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-11-08 17:32 - 2016-10-15 03:45 - 01790464 ____C (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-11-08 17:32 - 2016-10-15 03:45 - 00702464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-11-08 17:32 - 2016-10-15 03:44 - 00636928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-11-08 17:32 - 2016-10-15 03:43 - 01365504 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-11-08 17:32 - 2016-10-15 03:42 - 00467968 ____C (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-11-08 17:32 - 2016-10-15 03:42 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-11-08 17:32 - 2016-10-15 03:41 - 00945664 ____C (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-11-08 17:32 - 2016-10-15 03:41 - 00161792 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-11-08 17:32 - 2016-10-15 03:39 - 04474368 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-11-08 17:32 - 2016-10-15 03:39 - 01060864 ____C (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-11-08 17:32 - 2016-10-15 03:39 - 01005568 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-11-08 17:32 - 2016-10-15 03:39 - 00817664 ____C (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-11-08 17:32 - 2016-10-15 03:39 - 00806400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-11-08 17:32 - 2016-10-15 03:39 - 00631296 ____C (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-11-08 17:32 - 2016-10-15 03:37 - 03733504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-11-08 17:32 - 2016-10-15 03:37 - 01029632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-11-08 17:32 - 2016-10-15 03:37 - 00709120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-11-08 17:32 - 2016-10-15 03:36 - 01170944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-11-08 17:32 - 2016-10-15 03:36 - 00983040 ____C (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-11-08 17:32 - 2016-10-15 03:36 - 00673792 ____C (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-11-08 17:32 - 2016-10-15 03:35 - 02005504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-11-08 17:32 - 2016-10-15 03:35 - 00905216 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-11-08 17:32 - 2016-10-15 03:34 - 02476544 ____C (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-11-08 17:32 - 2016-10-15 03:34 - 01840640 ____C (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-11-08 17:32 - 2016-10-15 03:34 - 00936448 ____C (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-11-08 17:32 - 2016-10-15 03:32 - 00886784 ____C (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-11-08 17:32 - 2016-10-05 10:35 - 00279904 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-11-08 17:32 - 2016-10-05 10:22 - 01181536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-11-08 17:32 - 2016-10-05 10:16 - 00187232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-11-08 17:32 - 2016-10-05 10:13 - 00146784 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-11-08 17:32 - 2016-10-05 10:12 - 01112928 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-11-08 17:32 - 2016-10-05 10:08 - 00241504 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-11-08 17:32 - 2016-10-05 09:50 - 00116576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-11-08 17:32 - 2016-10-05 09:49 - 01980768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-11-08 17:32 - 2016-10-05 09:48 - 01022304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-11-08 17:32 - 2016-10-05 09:46 - 01360456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-11-08 17:32 - 2016-10-05 09:46 - 00980824 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-11-08 17:32 - 2016-10-05 09:38 - 00584192 ____C (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-11-08 17:32 - 2016-10-05 09:36 - 00113664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-11-08 17:32 - 2016-10-05 09:35 - 00196096 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-11-08 17:32 - 2016-10-05 09:35 - 00101888 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-11-08 17:32 - 2016-10-05 09:33 - 00157696 ____C (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-11-08 17:32 - 2016-10-05 09:32 - 00590336 ____C (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-11-08 17:32 - 2016-10-05 09:32 - 00146432 ____C (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-11-08 17:32 - 2016-10-05 09:31 - 00837632 ____C (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-11-08 17:32 - 2016-10-05 09:31 - 00748544 ____C (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-11-08 17:32 - 2016-10-05 09:31 - 00480768 ____C (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-11-08 17:32 - 2016-10-05 09:31 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-11-08 17:32 - 2016-10-05 09:29 - 01145856 ____C (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-11-08 17:32 - 2016-10-05 09:28 - 00775168 ____C (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-11-08 17:32 - 2016-10-05 09:28 - 00584192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-11-08 17:32 - 2016-10-05 09:27 - 00094208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-11-08 17:32 - 2016-10-05 09:27 - 00087040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-11-08 17:32 - 2016-10-05 09:26 - 00590848 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-11-08 17:32 - 2016-10-05 09:25 - 00299520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-11-08 17:32 - 2016-10-05 09:24 - 00483840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-11-08 17:32 - 2016-10-05 09:24 - 00099328 ____C (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-11-08 17:32 - 2016-10-05 09:21 - 03689984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-11-08 17:32 - 2016-10-05 09:21 - 00567808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-11-08 17:32 - 2016-10-05 09:20 - 00143872 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-11-08 17:32 - 2016-10-05 09:19 - 02390016 ____C (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-11-08 17:32 - 2016-10-05 09:18 - 00858112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-11-08 17:32 - 2016-10-05 09:16 - 00771072 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-11-08 17:32 - 2016-10-05 09:16 - 00508416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-11-08 17:32 - 2016-10-05 09:15 - 00716800 ____C (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-11-08 17:32 - 2016-10-05 09:15 - 00141312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-11-08 17:32 - 2016-10-05 09:14 - 01255936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-11-08 17:32 - 2016-10-05 09:14 - 01013760 ____C (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-11-08 17:32 - 2016-10-05 09:11 - 00640000 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-11-08 17:32 - 2016-10-05 09:10 - 06474752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-11-08 17:32 - 2016-10-05 09:09 - 00710144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-11-08 17:32 - 2016-10-05 09:08 - 00873472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-11-08 17:32 - 2016-10-05 09:07 - 02646016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-11-08 17:32 - 2016-10-05 09:07 - 00566784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-11-08 17:32 - 2016-10-05 09:06 - 00850944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-11-08 17:32 - 2016-09-15 17:40 - 00965472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-11-08 17:32 - 2016-09-15 17:37 - 00496872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-11-08 17:32 - 2016-09-15 17:37 - 00402352 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-11-08 17:32 - 2016-09-15 17:30 - 00646136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-11-08 17:32 - 2016-09-15 17:29 - 00424640 ____C (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-11-08 17:32 - 2016-09-15 17:29 - 00081760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-11-08 17:32 - 2016-09-15 17:23 - 01503032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-11-08 17:32 - 2016-09-15 17:23 - 00170960 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-11-08 17:32 - 2016-09-15 17:22 - 00433832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-11-08 17:32 - 2016-09-15 17:20 - 00634944 ____C (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-11-08 17:32 - 2016-09-15 17:19 - 00361104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-11-08 17:32 - 2016-09-15 17:18 - 01201872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-11-08 17:32 - 2016-09-15 17:18 - 00856872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-11-08 17:32 - 2016-09-15 17:16 - 01738040 ____C (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-11-08 17:32 - 2016-09-15 17:16 - 01157000 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-11-08 17:32 - 2016-09-15 17:16 - 00206096 ____C (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-11-08 17:32 - 2016-09-15 17:15 - 00218976 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-11-08 17:32 - 2016-09-15 17:15 - 00130912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-11-08 17:32 - 2016-09-15 17:14 - 00811872 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-11-08 17:32 - 2016-09-15 17:14 - 00119648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-11-08 17:32 - 2016-09-15 17:06 - 00455520 ____C (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-11-08 17:32 - 2016-09-15 17:06 - 00372440 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-11-08 17:32 - 2016-09-15 17:03 - 00094720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-11-08 17:32 - 2016-09-15 17:01 - 00141824 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-11-08 17:32 - 2016-09-15 17:00 - 00554496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-11-08 17:32 - 2016-09-15 16:59 - 00255488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-11-08 17:32 - 2016-09-15 16:59 - 00143872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-11-08 17:32 - 2016-09-15 16:59 - 00136192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-11-08 17:32 - 2016-09-15 16:58 - 00291840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-11-08 17:32 - 2016-09-15 16:58 - 00092672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-11-08 17:32 - 2016-09-15 16:57 - 00392192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-11-08 17:32 - 2016-09-15 16:57 - 00315904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-11-08 17:32 - 2016-09-15 16:57 - 00171520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-11-08 17:32 - 2016-09-15 16:56 - 00609280 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-11-08 17:32 - 2016-09-15 16:56 - 00265728 ____C C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-11-08 17:32 - 2016-09-15 16:56 - 00115712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-11-08 17:32 - 2016-09-15 16:55 - 00218624 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-11-08 17:32 - 2016-09-15 16:54 - 00461312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-11-08 17:32 - 2016-09-15 16:54 - 00262144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-11-08 17:32 - 2016-09-15 16:53 - 00819200 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-11-08 17:32 - 2016-09-15 16:52 - 01358336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-11-08 17:32 - 2016-09-15 16:52 - 00816640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-11-08 17:32 - 2016-09-15 16:52 - 00525824 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-11-08 17:32 - 2016-09-15 16:52 - 00500224 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-11-08 17:32 - 2016-09-15 16:52 - 00297472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-11-08 17:32 - 2016-09-15 16:51 - 00762368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-11-08 17:32 - 2016-09-15 16:50 - 01534464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-11-08 17:32 - 2016-09-15 16:50 - 00071168 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-11-08 17:32 - 2016-09-15 16:49 - 00499200 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-11-08 17:32 - 2016-09-15 16:49 - 00468992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-11-08 17:32 - 2016-09-15 16:48 - 01320448 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-11-08 17:32 - 2016-09-15 16:47 - 01077760 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-11-08 17:32 - 2016-09-15 16:46 - 00795648 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-11-08 17:32 - 2016-09-15 16:46 - 00558080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-11-08 17:32 - 2016-09-15 16:46 - 00343040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-11-08 17:32 - 2016-09-15 16:46 - 00049664 ____C (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-11-08 17:32 - 2016-09-15 16:44 - 00118784 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-11-08 17:32 - 2016-09-15 16:43 - 00220672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-11-08 17:32 - 2016-09-15 16:43 - 00210432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-11-08 17:32 - 2016-09-15 16:43 - 00039424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-11-08 17:32 - 2016-09-15 16:42 - 01220608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-11-08 17:32 - 2016-09-15 16:42 - 00051712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-11-08 17:32 - 2016-09-15 16:41 - 00400384 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-11-08 17:32 - 2016-09-15 16:41 - 00295424 ____C (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-11-08 17:32 - 2016-09-15 16:40 - 05061120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-11-08 17:32 - 2016-09-15 16:40 - 00467968 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-11-08 17:32 - 2016-09-15 16:40 - 00114688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-11-08 17:32 - 2016-09-15 16:40 - 00082432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-11-08 17:32 - 2016-09-15 16:39 - 01232384 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-11-08 17:32 - 2016-09-15 16:39 - 01170944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-11-08 17:32 - 2016-09-15 16:39 - 00547840 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-11-08 17:32 - 2016-09-15 16:39 - 00186368 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-11-08 17:32 - 2016-09-15 16:38 - 01291264 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-11-08 17:32 - 2016-09-15 16:38 - 00203776 ____C (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-11-08 17:32 - 2016-09-15 16:38 - 00132096 ____C (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-11-08 17:32 - 2016-09-15 16:37 - 00568320 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-11-08 17:32 - 2016-09-15 16:37 - 00266240 ____C (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-11-08 17:32 - 2016-09-15 16:37 - 00216576 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-11-08 17:32 - 2016-09-15 16:36 - 00852480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-11-08 17:32 - 2016-09-15 16:36 - 00648192 ____C (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-11-08 17:32 - 2016-09-15 16:36 - 00257024 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-11-08 17:32 - 2016-09-15 16:36 - 00166912 ____C (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-11-08 17:32 - 2016-09-15 16:35 - 01060352 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-11-08 17:32 - 2016-09-15 16:35 - 00949248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-11-08 17:32 - 2016-09-15 16:35 - 00645120 ____C (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-11-08 17:32 - 2016-09-15 16:35 - 00538112 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-11-08 17:32 - 2016-09-15 16:35 - 00472064 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-11-08 17:32 - 2016-09-15 16:35 - 00431616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-11-08 17:32 - 2016-09-15 16:35 - 00417792 ____C (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-11-08 17:32 - 2016-09-15 16:35 - 00358400 ____C (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-11-08 17:32 - 2016-09-15 16:35 - 00331776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-11-08 17:32 - 2016-09-15 16:35 - 00329728 ____C (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-11-08 17:32 - 2016-09-15 16:35 - 00128000 ____C (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-11-08 17:32 - 2016-09-15 16:34 - 00671744 ____C (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-11-08 17:32 - 2016-09-15 16:34 - 00560640 ____C (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-11-08 17:32 - 2016-09-15 16:34 - 00437248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-11-08 17:32 - 2016-09-15 16:34 - 00284160 ____C (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-11-08 17:32 - 2016-09-15 16:33 - 00966144 ____C (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-11-08 17:32 - 2016-09-15 16:33 - 00896512 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-11-08 17:32 - 2016-09-15 16:32 - 00634368 ____C (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-11-08 17:32 - 2016-09-15 16:32 - 00361472 ____C (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-11-08 17:32 - 2016-09-15 16:30 - 01227264 ____C (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-11-08 17:32 - 2016-09-15 16:30 - 00112640 ____C (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2016-11-08 17:32 - 2016-09-15 16:28 - 00864256 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-11-08 17:32 - 2016-09-15 16:28 - 00798720 ____C (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2016-11-08 17:32 - 2016-09-15 16:28 - 00440320 ____C (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-11-08 17:32 - 2016-09-15 16:28 - 00159744 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2016-11-08 17:32 - 2016-09-15 16:27 - 00883712 ____C (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-11-08 17:32 - 2016-09-15 16:27 - 00279040 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-11-08 17:32 - 2016-09-15 16:27 - 00228352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-11-08 17:32 - 2016-09-15 16:27 - 00211968 ____C (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-11-08 17:32 - 2016-09-15 16:27 - 00171008 ____C (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-11-08 17:32 - 2016-09-15 16:26 - 00501248 ____C (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-11-08 17:32 - 2016-09-15 16:26 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-11-08 17:32 - 2016-09-15 16:25 - 00237056 ____C (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-11-08 17:32 - 2016-09-15 16:25 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-11-08 17:32 - 2016-09-15 16:24 - 01080320 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-11-08 17:32 - 2016-09-15 16:24 - 00139776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-11-08 17:32 - 2016-09-15 16:23 - 00460800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-11-08 17:32 - 2016-09-15 16:21 - 00816640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-11-08 17:32 - 2016-09-15 16:20 - 02424320 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-11-08 17:32 - 2016-09-15 16:20 - 01535488 ____C (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-11-08 17:32 - 2016-09-15 16:20 - 00845824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-11-08 17:32 - 2016-09-15 16:20 - 00691712 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-11-08 17:32 - 2016-09-15 16:20 - 00283648 ____C (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-11-08 17:32 - 2016-09-15 16:19 - 03202048 ____C (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-11-08 17:32 - 2016-09-15 16:19 - 00717824 ____C (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-11-08 17:32 - 2016-09-15 16:17 - 00122368 ____C (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-11-08 17:32 - 2016-09-15 16:16 - 00531456 ____C (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-11-08 17:32 - 2016-09-15 16:16 - 00483840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-11-08 17:32 - 2016-09-15 16:16 - 00387072 ____C (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-11-08 17:32 - 2016-09-15 16:16 - 00221696 ____C (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll
2016-11-08 17:32 - 2016-09-07 05:54 - 00133472 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-11-08 17:32 - 2016-09-07 05:41 - 00172528 ____C (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-11-08 17:32 - 2016-09-07 05:34 - 00584544 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-11-08 17:32 - 2016-09-07 05:34 - 00360040 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-11-08 17:32 - 2016-09-07 05:34 - 00178528 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-11-08 17:32 - 2016-09-07 05:32 - 02206496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-11-08 17:32 - 2016-09-07 05:29 - 00755656 ____C (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-11-08 17:32 - 2016-09-07 05:29 - 00382272 ____C (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-11-08 17:32 - 2016-09-07 05:24 - 00057400 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-11-08 17:32 - 2016-09-07 05:17 - 00509792 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-11-08 17:32 - 2016-09-07 05:07 - 00117240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-11-08 17:32 - 2016-09-07 05:04 - 00009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-11-08 17:32 - 2016-09-07 05:03 - 00409088 ____C (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-11-08 17:32 - 2016-09-07 05:03 - 00110080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-11-08 17:32 - 2016-09-07 05:03 - 00095232 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-11-08 17:32 - 2016-09-07 05:03 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-11-08 17:32 - 2016-09-07 05:03 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-11-08 17:32 - 2016-09-07 05:02 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-11-08 17:32 - 2016-09-07 05:02 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-11-08 17:32 - 2016-09-07 05:02 - 00044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-11-08 17:32 - 2016-09-07 05:02 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-11-08 17:32 - 2016-09-07 05:02 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-11-08 17:32 - 2016-09-07 05:02 - 00015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-11-08 17:32 - 2016-09-07 05:02 - 00002560 ____C (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-11-08 17:32 - 2016-09-07 05:02 - 00002560 ____C (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-11-08 17:32 - 2016-09-07 05:02 - 00002560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-11-08 17:32 - 2016-09-07 05:01 - 00137728 ____C (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-11-08 17:32 - 2016-09-07 05:01 - 00068096 ____C (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-11-08 17:32 - 2016-09-07 05:01 - 00065024 ____C (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-11-08 17:32 - 2016-09-07 05:00 - 00052224 ____C (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-11-08 17:32 - 2016-09-07 05:00 - 00049152 ____C (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-11-08 17:32 - 2016-09-07 04:59 - 00263680 ____C (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-11-08 17:32 - 2016-09-07 04:59 - 00150528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-11-08 17:32 - 2016-09-07 04:59 - 00095232 ____C (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-11-08 17:32 - 2016-09-07 04:59 - 00088064 ____C (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-11-08 17:32 - 2016-09-07 04:59 - 00071168 ____C (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-11-08 17:32 - 2016-09-07 04:59 - 00064512 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-11-08 17:32 - 2016-09-07 04:59 - 00054784 ____C (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-11-08 17:32 - 2016-09-07 04:59 - 00040448 ____C (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-11-08 17:32 - 2016-09-07 04:59 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-11-08 17:32 - 2016-09-07 04:58 - 00187904 ____C (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-11-08 17:32 - 2016-09-07 04:58 - 00057344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-11-08 17:32 - 2016-09-07 04:58 - 00054784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-11-08 17:32 - 2016-09-07 04:58 - 00038400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-11-08 17:32 - 2016-09-07 04:58 - 00037888 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-11-08 17:32 - 2016-09-07 04:58 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-11-08 17:32 - 2016-09-07 04:58 - 00002560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-11-08 17:32 - 2016-09-07 04:58 - 00002560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-11-08 17:32 - 2016-09-07 04:57 - 00224256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-11-08 17:32 - 2016-09-07 04:57 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-11-08 17:32 - 2016-09-07 04:57 - 00002560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-11-08 17:32 - 2016-09-07 04:56 - 00327168 ____C (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-11-08 17:32 - 2016-09-07 04:56 - 00157696 ____C (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-11-08 17:32 - 2016-09-07 04:56 - 00140288 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-11-08 17:32 - 2016-09-07 04:56 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-11-08 17:32 - 2016-09-07 04:56 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-11-08 17:32 - 2016-09-07 04:56 - 00048128 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-11-08 17:32 - 2016-09-07 04:55 - 00820736 ____C (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-11-08 17:32 - 2016-09-07 04:55 - 00323584 ____C (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-11-08 17:32 - 2016-09-07 04:55 - 00243200 ____C (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-11-08 17:32 - 2016-09-07 04:55 - 00147456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-11-08 17:32 - 2016-09-07 04:54 - 00805888 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-11-08 17:32 - 2016-09-07 04:54 - 00446464 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-11-08 17:32 - 2016-09-07 04:54 - 00366592 ____C (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-11-08 17:32 - 2016-09-07 04:54 - 00315904 ____C (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-11-08 17:32 - 2016-09-07 04:54 - 00055808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-11-08 17:32 - 2016-09-07 04:53 - 02083840 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-11-08 17:32 - 2016-09-07 04:53 - 00526848 ____C (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-11-08 17:32 - 2016-09-07 04:53 - 00302592 ____C (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-11-08 17:32 - 2016-09-07 04:53 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-11-08 17:32 - 2016-09-07 04:50 - 00426496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-11-08 17:32 - 2016-09-07 04:49 - 00260096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-11-08 17:32 - 2016-09-07 04:45 - 05398016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-11-08 17:32 - 2016-09-07 04:43 - 00484352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-11-08 17:32 - 2016-09-07 04:41 - 03435008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-11-08 17:32 - 2016-09-07 04:41 - 02947072 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-11-08 17:32 - 2016-09-07 04:41 - 02510848 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-11-08 17:32 - 2016-09-07 04:41 - 00932864 ____C (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-11-08 17:32 - 2016-09-07 04:40 - 02852864 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-11-08 17:32 - 2016-09-07 04:39 - 00895488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-11-08 17:32 - 2016-09-07 04:38 - 01232384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-11-08 17:32 - 2016-09-07 04:37 - 02820096 ____C (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-11-08 17:32 - 2016-09-07 04:34 - 04557824 ____C (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-11-08 17:32 - 2016-09-07 04:31 - 00461312 ____C (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-11-08 17:32 - 2016-08-27 04:58 - 00121368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-11-08 17:32 - 2016-08-20 05:34 - 00136032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-11-08 17:32 - 2016-08-20 05:16 - 00380928 ____C (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-11-08 17:32 - 2016-08-20 05:12 - 00476672 ____C (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-11-08 17:32 - 2016-08-20 05:07 - 00288768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-11-08 17:32 - 2016-08-20 05:07 - 00203776 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-11-08 17:32 - 2016-08-20 05:04 - 00592384 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-11-08 17:32 - 2016-08-20 05:00 - 00141824 ____C (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-11-08 17:32 - 2016-08-06 04:26 - 01176664 ____C (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-11-08 17:32 - 2016-08-06 04:23 - 00168800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-11-08 17:32 - 2016-08-06 04:17 - 00790760 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-11-08 17:32 - 2016-08-06 04:17 - 00619368 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-11-08 17:32 - 2016-08-06 04:16 - 00073568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-11-08 17:32 - 2016-08-06 04:16 - 00020320 ____C (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-11-08 17:32 - 2016-08-06 04:15 - 00408600 ____C (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-11-08 17:32 - 2016-08-06 04:03 - 01343928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-11-08 17:32 - 2016-08-06 04:03 - 00036168 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-11-08 17:32 - 2016-08-06 03:50 - 02755584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-11-08 17:32 - 2016-08-06 03:48 - 02755584 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-11-08 17:32 - 2016-08-06 03:47 - 00038400 ____C (Microsoft Corporation) C:\WINDOWS\system32\hidusb.sys
2016-11-08 17:32 - 2016-08-06 03:47 - 00038400 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-11-08 17:32 - 2016-08-06 03:46 - 00094720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-11-08 17:32 - 2016-08-06 03:46 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2016-11-08 17:32 - 2016-08-06 03:46 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-11-08 17:32 - 2016-08-06 03:45 - 00327680 ____C (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-11-08 17:32 - 2016-08-06 03:45 - 00049664 ____C (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-11-08 17:32 - 2016-08-06 03:44 - 00047616 ____C (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-11-08 17:32 - 2016-08-06 03:44 - 00035328 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-11-08 17:32 - 2016-08-06 03:43 - 00200704 ____C (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-11-08 17:32 - 2016-08-06 03:40 - 00239104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-11-08 17:32 - 2016-08-06 03:36 - 00447488 ____C (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-11-08 17:32 - 2016-08-06 03:33 - 00396800 ____C (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-11-08 17:32 - 2016-08-06 03:31 - 00100864 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-11-08 17:32 - 2016-08-06 03:29 - 00298496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-11-08 17:32 - 2016-08-06 03:29 - 00123904 ____C (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-11-08 17:32 - 2016-08-06 03:28 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-11-08 17:32 - 2016-08-06 03:21 - 00102400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-11-08 17:32 - 2016-08-06 03:19 - 00114688 ____C (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-11-08 17:32 - 2016-08-05 09:14 - 01066328 ____C (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-11-08 17:32 - 2016-08-05 09:10 - 00939872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-11-08 17:32 - 2016-08-05 09:05 - 00665768 ____C (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-11-08 17:32 - 2016-08-05 08:29 - 00568832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-11-08 17:32 - 2016-08-05 08:28 - 00022016 ____C (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-11-08 17:32 - 2016-08-05 08:23 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-11-08 17:32 - 2016-08-05 08:22 - 00138240 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-11-08 17:32 - 2016-08-05 08:18 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-11-08 17:32 - 2016-08-05 08:08 - 00135168 ____C (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-11-08 17:32 - 2016-08-02 08:21 - 00140288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-11-08 17:32 - 2016-08-02 08:15 - 00231424 ____C (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-11-08 17:32 - 2016-08-02 08:13 - 01081856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-11-08 17:32 - 2016-08-02 04:37 - 00121344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-11-08 17:32 - 2016-07-22 01:18 - 00297552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-11-08 11:00 - 2016-11-08 11:00 - 00000000 ____D C:\Users\Fraser Ross\AppData\Roaming\TuneUp Software
2016-11-08 11:00 - 2016-11-08 11:00 - 00000000 ____D C:\Users\Fraser Ross\AppData\Roaming\AVG
2016-11-08 10:55 - 2016-11-08 15:50 - 00000000 ____D C:\Users\Fraser Ross\AppData\Local\AvgSetupLog
2016-11-08 10:55 - 2016-11-08 15:44 - 00000000 ____D C:\Users\Fraser Ross\AppData\Local\Avg
2016-11-08 10:54 - 2016-11-08 10:55 - 03312896 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Fraser Ross\Downloads\AVG_Protection_Free_698.exe
2016-11-08 10:40 - 2016-11-11 15:35 - 00000000 ___DC C:\AdwCleaner
2016-11-08 10:39 - 2016-11-08 10:40 - 03910208 _____ C:\Users\Fraser Ross\Downloads\adwcleaner_6.030.exe
2016-11-07 16:07 - 2016-11-10 15:16 - 00001463 ____C C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-11-07 16:07 - 2016-11-07 16:07 - 00001475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-11-07 16:07 - 2016-11-07 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-11-07 16:07 - 2015-06-16 17:32 - 00020760 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2016-11-07 15:55 - 2016-11-07 11:08 - 00457132 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20161107-155502.backup
2016-11-07 11:10 - 2016-11-07 11:12 - 00001024 ___HC C:\AMTAG.BIN
2016-11-07 11:06 - 2016-11-07 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartW8
2016-11-07 10:41 - 2016-11-07 10:41 - 00000000 ____D C:\Program Files (x86)\StartW8
2016-11-07 01:02 - 2016-11-07 01:02 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-11-07 01:01 - 2016-11-07 01:01 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-11-07 01:01 - 2016-11-07 01:01 - 00000000 ____D C:\Program Files\MSBuild
2016-11-07 01:01 - 2016-11-07 01:01 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-11-07 01:01 - 2016-11-06 17:21 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-07 01:00 - 2016-05-25 22:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-11-07 01:00 - 2016-05-25 22:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-11-07 01:00 - 2016-05-25 22:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-11-07 01:00 - 2016-05-25 19:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-11-07 01:00 - 2016-05-25 19:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-11-07 01:00 - 2016-05-25 19:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-11-06 18:11 - 2016-11-06 18:11 - 00000000 ____D C:\ProgramData\USOShared
2016-11-06 18:10 - 2016-11-06 18:10 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-11-06 18:06 - 2016-11-06 18:30 - 00000000 ____D C:\Users\Fraser Ross\AppData\Local\ConnectedDevicesPlatform
2016-11-06 18:06 - 2016-11-06 18:06 - 00000020 ___SH C:\Users\Fraser Ross\ntuser.ini
2016-11-06 17:55 - 2016-11-06 17:55 - 00000000 _SHDL C:\Users\Default\My Documents
2016-11-06 17:55 - 2016-11-06 17:55 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-11-06 17:55 - 2016-11-06 17:55 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-11-06 17:55 - 2016-11-06 17:55 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-11-06 17:55 - 2016-11-06 17:55 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-11-06 17:55 - 2016-11-06 17:55 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-11-06 17:55 - 2016-11-06 17:55 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-11-06 17:52 - 2016-11-06 17:54 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-11-06 17:52 - 2016-11-06 17:54 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-11-06 17:50 - 2016-11-12 10:24 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2016-11-06 17:50 - 2016-11-11 20:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-11-06 17:50 - 2016-11-06 17:50 - 00002880 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3240783315-1213011343-4006949943-1000
2016-11-06 17:50 - 2016-11-06 17:50 - 00002344 _____ C:\WINDOWS\System32\Tasks\{6DDCC59A-CD43-492C-AF13-CAAF0BD3C4DD}
2016-11-06 17:50 - 2016-11-06 17:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-11-06 17:50 - 2016-11-06 17:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-11-06 17:49 - 2016-11-09 14:04 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-06 17:49 - 2016-11-06 17:50 - 00003318 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3240783315-1213011343-4006949943-1000
2016-11-06 17:49 - 2016-11-06 17:50 - 00003222 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3240783315-1213011343-4006949943-1000
2016-11-06 17:49 - 2016-11-06 17:50 - 00002236 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-11-06 17:31 - 2016-11-06 17:31 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-11-06 17:31 - 2016-11-06 17:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-11-06 17:31 - 2016-11-06 17:31 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-11-06 17:31 - 2016-11-06 17:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-11-06 17:31 - 2016-11-06 17:31 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-11-06 17:21 - 2016-11-06 17:21 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-11-06 17:19 - 2016-11-06 17:33 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-11-06 17:16 - 2016-11-11 17:43 - 00000000 ____D C:\Users\Fraser Ross
2016-11-06 17:16 - 2016-11-06 17:16 - 00000000 _SHDL C:\Users\Fraser Ross\My Documents
2016-11-06 17:16 - 2016-11-06 17:16 - 00000000 _SHDL C:\Users\Fraser Ross\Documents\My Videos
2016-11-06 17:16 - 2016-11-06 17:16 - 00000000 _SHDL C:\Users\Fraser Ross\Documents\My Pictures
2016-11-06 17:16 - 2016-11-06 17:16 - 00000000 _SHDL C:\Users\Fraser Ross\Documents\My Music
2016-11-06 17:12 - 2016-11-06 17:12 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2016-11-06 17:12 - 2016-11-06 17:12 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-11-06 17:12 - 2016-11-06 17:12 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-11-06 17:12 - 2016-11-06 17:12 - 00000000 ____D C:\Program Files\Realtek
2016-11-06 17:11 - 2016-07-16 11:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-11-06 17:09 - 2016-11-12 09:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-06 17:09 - 2016-11-11 12:08 - 00357960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-06 17:09 - 2016-11-06 17:09 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-11-06 10:46 - 2016-11-12 10:24 - 00000000 ____C C:\WINDOWS\system32\version.tmp
2016-10-13 21:55 - 2016-10-13 21:55 - 02468304 _____ (Logitech, Inc.) C:\WINDOWS\system32\LdaCx2.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-12 10:38 - 2016-07-16 11:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-12 10:38 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-12 10:34 - 2013-05-06 17:06 - 00000000 ___DC C:\Users\Fraser Ross\AppData\Local\ElevatedDiagnostics
2016-11-12 10:33 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-12 10:31 - 2015-07-30 17:14 - 01129462 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-12 10:24 - 2013-05-05 17:06 - 00143248 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys
2016-11-12 10:23 - 2016-07-16 06:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-11-12 10:22 - 2013-05-05 17:05 - 00000000 ___DC C:\ProgramData\WRData
2016-11-12 10:21 - 2016-07-16 11:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-12 08:40 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-12 08:40 - 2015-07-30 18:51 - 00001298 ____C C:\Users\Fraser Ross\Desktop\Internet Explorer.lnk
2016-11-12 08:39 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-12 08:39 - 2014-07-23 13:52 - 00000000 ___DC C:\Users\Fraser Ross\AppData\Local\Adobe
2016-11-12 08:15 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-12 08:08 - 2016-07-16 11:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-11 20:17 - 2014-05-21 14:47 - 00192216 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-11 17:31 - 2015-09-04 13:44 - 00000214 ____C C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-11-11 13:19 - 2013-05-01 19:50 - 00000000 ___DC C:\Users\Fraser Ross\AppData\Roaming\CheckPoint
2016-11-11 12:42 - 2015-08-05 11:27 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-11-11 12:39 - 2013-08-22 15:36 - 00000000 __HDC C:\WINDOWS\system32\GroupPolicy
2016-11-11 12:39 - 2013-05-18 12:53 - 00000000 ___DC C:\Users\Fraser Ross\AppData\LocalLow\Temp
2016-11-11 12:31 - 2014-08-14 09:40 - 00000000 ___DC C:\Program Files (x86)\Java
2016-11-11 12:30 - 2014-10-18 07:40 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-11 12:15 - 2015-07-30 17:18 - 00000000 _RHDC C:\Users\Public\AccountPictures
2016-11-11 12:04 - 2016-07-16 11:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-11 12:04 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-11 12:04 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-11 12:04 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-11 12:04 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-11 12:04 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-11 11:48 - 2013-07-18 11:11 - 00000000 ___DC C:\WINDOWS\system32\MRT
2016-11-11 11:36 - 2013-05-03 14:14 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-10 18:39 - 2014-02-26 12:16 - 00000000 __RDC C:\Users\Fraser Ross\Sync
2016-11-10 17:01 - 2013-12-01 10:46 - 00001074 ____C C:\Users\Fraser Ross\Desktop\CheckAll.BAT - Shortcut.lnk
2016-11-09 18:20 - 2013-12-06 12:22 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2016-11-08 18:02 - 2016-02-22 11:33 - 00000000 ___DC C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-11-08 17:46 - 2016-07-16 11:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-11-08 17:46 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-11-08 17:46 - 2016-07-16 06:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-11-08 17:45 - 2016-07-16 14:29 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-11-08 17:45 - 2016-07-16 11:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-08 17:45 - 2016-07-16 11:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-08 17:45 - 2016-07-16 06:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-11-08 17:45 - 2016-07-16 06:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-11-08 16:42 - 2013-10-19 14:05 - 00000000 ___DC C:\ProgramData\Oracle
2016-11-08 16:37 - 2014-12-30 11:28 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-11-08 15:44 - 2013-07-15 16:09 - 00000000 ___DC C:\ProgramData\MFAData
2016-11-08 13:05 - 2016-07-16 11:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-11-08 11:02 - 2016-07-16 06:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-11-07 16:07 - 2015-07-30 17:37 - 00000000 ___DC C:\ProgramData\Spybot - Search & Destroy
2016-11-07 10:32 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-11-07 01:07 - 2016-07-16 11:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-11-06 18:34 - 2013-06-01 15:15 - 00000000 ___DC C:\Users\Fraser Ross\AppData\Local\Packages
2016-11-06 18:11 - 2016-07-16 11:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-11-06 18:11 - 2015-07-30 17:22 - 00002439 _____ C:\Users\Fraser Ross\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-11-06 18:11 - 2015-07-30 17:22 - 00000000 __RDC C:\Users\Fraser Ross\OneDrive
2016-11-06 17:55 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-06 17:55 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\Registration
2016-11-06 17:52 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-11-06 17:52 - 2015-10-30 07:24 - 00000000 ___DC C:\WINDOWS\system32\Tasks_Migrated
2016-11-06 17:50 - 2015-06-17 13:00 - 00000720 ____C C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3240783315-1213011343-4006949943-1000.job
2016-11-06 17:44 - 2013-06-01 15:02 - 00022840 ____C C:\WINDOWS\system32\emptyregdb.dat
2016-11-06 17:43 - 2016-07-16 11:47 - 00000000 __RSD C:\WINDOWS\Media
2016-11-06 17:42 - 2016-07-16 11:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-11-06 17:33 - 2016-07-16 11:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-11-06 17:33 - 2016-07-16 08:13 - 00000000 __RDC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embarcadero RAD Studio 10.1 Berlin
2016-11-06 17:33 - 2016-06-03 10:42 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-11-06 17:33 - 2016-05-14 12:30 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Measurement
2016-11-06 17:33 - 2016-04-05 08:56 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.0
2016-11-06 17:33 - 2016-02-23 13:27 - 00000000 ___DC C:\WINDOWS\SysWOW64\PolicyDefinitions
2016-11-06 17:33 - 2016-02-23 13:27 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot Anti-Beacon
2016-11-06 17:33 - 2016-02-22 14:12 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2016-11-06 17:33 - 2016-02-22 13:32 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Processor Identification Utility
2016-11-06 17:33 - 2016-02-22 12:32 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-11-06 17:33 - 2015-10-30 18:09 - 00000000 ___DC C:\WINDOWS\ShellNew
2016-11-06 17:33 - 2015-09-01 12:42 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-11-06 17:33 - 2015-08-12 11:01 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2016-11-06 17:33 - 2015-08-12 10:56 - 00000000 ___DC C:\WINDOWS\SysWOW64\1033
2016-11-06 17:33 - 2015-08-12 10:56 - 00000000 ___DC C:\WINDOWS\system32\1033
2016-11-06 17:33 - 2015-07-26 11:06 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft .NET Framework SDK v1.1
2016-11-06 17:33 - 2015-07-23 10:18 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2016-11-06 17:33 - 2015-07-22 13:57 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\B-Link Wireless
2016-11-06 17:33 - 2015-07-08 12:58 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laplink PCmover Image Assistant
2016-11-06 17:33 - 2015-06-15 12:56 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraSearch
2016-11-06 17:33 - 2015-06-15 10:39 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrar Registry Manager
2016-11-06 17:33 - 2015-06-03 16:46 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDE Information Utility
2016-11-06 17:33 - 2015-05-12 11:27 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borland Developer Studio 2006
2016-11-06 17:33 - 2015-04-30 12:04 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-11-06 17:33 - 2015-04-15 14:54 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2016-11-06 17:33 - 2015-04-08 14:48 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-11-06 17:33 - 2014-12-30 11:49 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-11-06 17:33 - 2014-08-19 11:34 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREE Outlook PST File Viewer
2016-11-06 17:33 - 2014-07-24 14:14 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PartitionGuru
2016-11-06 17:33 - 2014-05-21 14:47 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-06 17:33 - 2014-03-26 17:09 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ File Recovery
2016-11-06 17:33 - 2013-11-28 18:00 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-11-06 17:33 - 2013-11-28 16:34 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-11-06 17:33 - 2013-08-25 17:50 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-11-06 17:33 - 2013-06-25 18:02 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ Partition Manager
2016-11-06 17:33 - 2013-06-24 17:19 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCoupe
2016-11-06 17:33 - 2013-06-15 13:45 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
2016-11-06 17:33 - 2013-06-05 12:43 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerQuest Drive Image 2002
2016-11-06 17:33 - 2013-06-04 18:56 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
2016-11-06 17:33 - 2013-06-04 18:12 - 00000000 ___DC C:\Users\Fraser Ross\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Graph
2016-11-06 17:33 - 2013-05-09 11:12 - 00000000 ___DC C:\Users\Fraser Ross\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoldWave
2016-11-06 17:33 - 2013-05-09 11:02 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2016-11-06 17:33 - 2013-05-09 10:48 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compare It!
2016-11-06 17:33 - 2013-05-05 17:06 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
2016-11-06 17:33 - 2013-05-02 13:31 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
2016-11-06 17:31 - 2016-07-16 11:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-06 17:31 - 2015-10-30 06:28 - 00000000 ___DC C:\Users\Default.migrated
2016-11-06 17:24 - 2016-07-16 14:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-11-06 17:24 - 2016-07-16 14:14 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-11-06 17:24 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-11-06 17:24 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-11-06 17:24 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-11-06 17:24 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-11-06 17:24 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-11-06 17:24 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-11-06 17:24 - 2013-05-03 19:45 - 00000000 ___DC C:\WINDOWS\SysWOW64\x64
2016-11-06 17:23 - 2016-07-16 14:14 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-11-06 17:23 - 2016-07-16 14:14 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-11-06 17:23 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-11-06 17:23 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-11-06 17:23 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-11-06 17:23 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-11-06 17:23 - 2015-07-22 13:56 - 00000000 ___DC C:\WINDOWS\system32\RaLanguages
2016-11-06 17:23 - 2013-08-22 15:36 - 00000000 ___DC C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-11-06 17:23 - 2013-08-22 15:36 - 00000000 ___DC C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-11-06 17:22 - 2016-07-16 14:15 - 00000000 ____D C:\WINDOWS\OCR
2016-11-06 17:22 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\System
2016-11-06 17:22 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\schemas
2016-11-06 17:22 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\InputMethod
2016-11-06 17:22 - 2013-06-02 13:13 - 00000000 ___DC C:\WINDOWS\system32\appmgmt
2016-11-06 17:21 - 2016-07-19 15:44 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leckie and Leckie Success CDs
2016-11-06 17:21 - 2016-07-16 11:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-11-06 17:21 - 2016-07-16 11:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-11-06 17:21 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\IME
2016-11-06 17:21 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\Help
2016-11-06 17:21 - 2016-07-16 11:47 - 00000000 ____D C:\Program Files\Common Files\System
2016-11-06 17:21 - 2016-07-16 11:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-11-06 17:21 - 2016-06-07 13:14 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cppcheck x64 1.74
2016-11-06 17:21 - 2016-05-14 12:06 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GLPCCamera
2016-11-06 17:21 - 2016-04-05 08:58 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-11-06 17:21 - 2016-02-22 13:23 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2016-11-06 17:21 - 2015-08-12 11:01 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2016-11-06 17:21 - 2014-03-11 19:09 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA
2016-11-06 17:21 - 2013-11-12 09:23 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2016-11-06 17:21 - 2013-09-24 16:25 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2016-11-06 17:21 - 2013-06-04 18:12 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graph
2016-11-06 17:21 - 2013-05-09 18:10 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-11-06 17:21 - 2013-05-03 19:50 - 00000000 __RDC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-11-06 17:21 - 2011-04-12 08:28 - 00000000 __RDC C:\Users\Public\Recorded TV
2016-11-06 17:13 - 2016-07-16 11:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-11-06 17:13 - 2016-07-16 11:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-11-06 16:49 - 2013-04-27 22:19 - 00008192 _RSHC C:\BOOTSECT.BAK
2016-11-06 16:37 - 2015-06-17 13:00 - 00000624 ____C C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3240783315-1213011343-4006949943-1000.job
2016-11-06 12:49 - 2015-10-26 16:21 - 00000742 ____C C:\Users\Public\Desktop\CCleaner.lnk
2016-11-06 11:01 - 2016-05-01 15:43 - 00002457 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-06 10:51 - 2013-05-05 17:06 - 00184760 ____C (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
2016-11-06 10:51 - 2013-05-05 17:06 - 00118384 ____C (Webroot) C:\WINDOWS\system32\WRusr.dll
2016-11-02 15:56 - 2013-04-27 22:19 - 00389408 __RSH C:\bootmgr
2016-10-28 23:56 - 2016-07-16 11:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-28 23:56 - 2016-07-16 11:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-13 21:55 - 2012-09-20 15:02 - 03942864 _____ (Logitech, Inc.) C:\WINDOWS\system32\LogiLDA.DLL
==================== Files in the root of some directories =======
2015-05-11 17:47 - 2015-05-11 17:47 - 0013030 ____C () C:\Users\Fraser Ross\AppData\Roaming\PDOXUSRS.NET
2013-06-14 12:16 - 2013-10-20 16:17 - 0241245 ____C () C:\Users\Fraser Ross\AppData\Roaming\Safer-Networking.log
2015-04-15 14:58 - 2015-04-15 14:58 - 0000000 ____C () C:\Users\Fraser Ross\AppData\Roaming\wklnhst.dat
2013-09-24 13:50 - 2013-11-03 11:10 - 0004608 ____C () C:\Users\Fraser Ross\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-12 10:45 - 2015-05-12 10:45 - 0000099 ____C () C:\Users\Fraser Ross\AppData\Local\fusioncache.dat
2013-05-04 14:44 - 2015-08-03 14:37 - 0007598 ____C () C:\Users\Fraser Ross\AppData\Local\resmon.resmoncfg
2016-11-06 17:12 - 2016-11-06 17:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-11-06 17:09
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by Fraser Ross (12-11-2016 10:39:28)
Running from C:\Users\Fraser Ross\Desktop
Windows 10 Pro Version 1607 (X64) (2016-11-06 17:59:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3240783315-1213011343-4006949943-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3240783315-1213011343-4006949943-1004 - Limited - Enabled)
DefaultAccount (S-1-5-21-3240783315-1213011343-4006949943-503 - Limited - Disabled)
Fraser Ross (S-1-5-21-3240783315-1213011343-4006949943-1000 - Administrator - Enabled) => C:\Users\Fraser Ross
Guest (S-1-5-21-3240783315-1213011343-4006949943-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3240783315-1213011343-4006949943-1009 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Webroot SecureAnywhere (Enabled - Up to date) {4646A877-74EB-CD3B-8FDB-210DB94FA61A}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Spybot - Search and Destroy (Enabled - Up to date) {1A0DDE8C-B4BA-EFDD-22A8-0F557C7985F0}
AV: ZoneAlarm Free Firewall Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: Webroot SecureAnywhere (Enabled - Up to date) {FD274993-52D1-C2B5-B56B-1A7FC2C8ECA7}
AS: ZoneAlarm Free Firewall Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Acronis True Image 2014 (HKLM-x32\...\{F11B92AF-B753-455B-BD04-898A84863B0B}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Active@ File Recovery 12 (HKLM\...\{177608F6-F029-4301-B176-15BA7C605B73}_is1) (Version: 12 - LSoft Technologies Inc)
Active@ Partition Manager 5 (HKLM\...\{FE2483C5-A90C-401D-967F-023A9C3CAAAF}_is1) (Version: 5 - LSoft Technologies Inc)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
Application Verifier x64 External Package (Version: 10.1.10586.212 - Microsoft) Hidden
AX88772C_772B_772A_772 Windows 8.x Drivers [v3.16.10.0] (HKLM-x32\...\InstallShield_{64D4DE98-8A33-4ED6-BF91-B52F6358B166}) (Version: 3.0.3.0 - ASIX Electronics Corporation)
AX88772C_772B_772A_772 Windows 8.x Drivers [v3.16.10.0] (x32 Version: 3.0.3.0 - ASIX Electronics Corporation) Hidden
BDE Information Utility (HKLM-x32\...\BDE Information Utility) (Version: - InterBase Installation Info (and BDE Information Utility))
BDE_ENT (x32 Version: 5.1.1 - Borland Software Corp.) Hidden
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
B-Link Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.26.0 - B-Link)
Borland Turbo C++ (HKLM-x32\...\{7ED5371F-F4EA-48F9-B8F7-C8777AD9DF69}) (Version: 10.0.3 - Borland Software Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
Compare It! (HKLM-x32\...\Compare It!_is1) (Version: 4.2 - Grig Software)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cppcheck x64 1.74 (HKLM\...\{C8F47281-B55C-4F6D-BBB2-F11C76482ABD}) (Version: 1.74 - The Cppcheck team)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Drive Image (x32 Version: 6.00.000 - PowerQuest) Hidden
Eassos PartitionGuru 4.7.2 (HKLM\...\{FC4FF5F4-2265-4E18-8BBC-12CBA9794388}_is1) (Version: - Eassos Co., Ltd.)
Elevated Installer (x32 Version: 4.0.19.0 - Garmin Ltd or its subsidiaries) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FREE Outlook PST File Viewer version 2.0 (HKLM-x32\...\{FC708B30-BA65-4091-B93C-A50A367B6448}_is1) (Version: 2.0 - www.freeviewer.org)
Garmin Express (HKLM-x32\...\{3ee9d193-ab0b-47f1-a31c-cce4678679ce}) (Version: 4.0.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.0.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.0.19.0 - Garmin Ltd or its subsidiaries) Hidden
GL USB2.0 UVC Camera Device (HKLM-x32\...\{9897BBD8-013A-49F3-928E-866A59B6E00C}) (Version: 14.03.11.0 - GenesysLogic)
GoldWave v5.68 (HKLM-x32\...\GoldWave v5.68) (Version: 5.68 - GoldWave Inc.)
GoToMeeting 7.26.0.5808 (HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\GoToMeeting) (Version: 7.26.0.5808 - CitrixOnline)
Graph 4.4.2 (HKLM-x32\...\Graph_is1) (Version: - Ivan Johansen)
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: - HDS)
HWiNFO64 Version 5.02 (HKLM\...\HWiNFO64_is1) (Version: 5.02 - Martin Malík - REALiX)
Intel(R) Chipset Device Software (x32 Version: 10.0.26 - Intel(R) Corporation) Hidden
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Integrator Toolkit 5 (HKLM-x32\...\{E7597FFE-2C87-4939-89E6-38EF01C247DF}) (Version: 1.0.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) SMBus (HKLM\...\SMBus) (Version: - )
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
IsoBuster 3.7 (HKLM-x32\...\IsoBuster_is1) (Version: 3.7 - Smart Projects)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Laplink PCmover Image Assistant (HKLM-x32\...\{880C0A42-B220-4136-AC91-A19A6C9B17B9}) (Version: 8.20.635 - Laplink Software, Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Measurement version 2.0 (HKLM-x32\...\{D694A790-B0B4-43A3-9482-2E7AC0B95C7C}_is1) (Version: 2.0 - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework SDK (English) 1.1 (HKLM-x32\...\{EB9BD1D5-8DFB-48C4-927B-10BB47CA59B3}) (Version: 1.1.4322 - Microsoft)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2015 for Windows Desktop - ENU (HKLM-x32\...\{cf9e81f7-4c03-403e-92b1-93d18aa8c3a4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Windows 10 SDK Installer (HKLM-x32\...\Microsoft Windows 10 SDK Installer) (Version: 18.0 - Embarcadero Technologies Inc.)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 en-GB) (HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Mozilla Firefox 48.0.2 (x86 en-GB)) (Version: 48.0.2 - Mozilla)
Mozilla Thunderbird 45.3.0 (x86 en-GB) (HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Mozilla Thunderbird 45.3.0 (x86 en-GB)) (Version: 45.3.0 - Mozilla)
MSI Development Tools (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1053.0 - Passmark Software)
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
RAD Studio 10.1 Berlin version 18.0 (HKLM-x32\...\{F4A93EC9-7AD8-4874-853D-02C09A51B141}_is1) (Version: 18.0 - Embarcadero Technologies, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Registrar Registry Manager 8.00 (HKLM\...\RegistrarHome_is1) (Version: - Resplendence Software Projects Sp.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
SDK Debuggers (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SimCoupe (HKLM-x32\...\SimCoupe) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.5 - Safer-Networking Ltd.)
Standard Grade English Success Guide (HKLM-x32\...\{C726D498-724F-4F86-907D-278083340CC8}) (Version: 3.0.0.0 - 3MRT)
StartW8 1.2.111.0 (HKLM-x32\...\{2FA895E0-C8CF-4216-90AB-C2E21A62BCB1}) (Version: 1.2.111.0 - SODATSW spol. s r. o.)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
UltraSearch V2.0.3 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 2.0.3 - JAM Software)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.13.62 - Webroot)
WinAppDeploy (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WPT Redistributables (x32 Version: 10.1.10586.212 - Microsoft) Hidden
WPTx64 (x32 Version: 10.1.10586.212 - Microsoft) Hidden
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)
ZoneAlarm Antivirus (x32 Version: 14.1.011.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 14.1.057.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 14.1.057.000 - Check Point)
ZoneAlarm Security (x32 Version: 14.1.057.000 - Check Point Software Technologies Ltd.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Fraser Ross\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Fraser Ross\AppData\Local\Citrix\GoToMeeting\5174\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1C4768E9-953E-470B-81D4-06316CE2FF31} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1FED9775-13FA-4DDC-8703-AAF8D49E67D7} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2BDDB070-F020-49A5-9220-82D3129DFFD9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2CC84D94-3EE5-44A4-8647-B22D7F547F18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {346BF243-F675-478A-BDBD-3CFB38198A3A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {48595EC4-1D31-4A88-99B3-AB45CDD63EDD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {515A6BBD-898D-4C19-A593-4B849587BDD4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {53959AED-D485-4CBB-ACC2-FEF27F5EE8A4} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6CD94585-513A-469C-9329-02802BFDB211} - System32\Tasks\G2MUpdateTask-S-1-5-21-3240783315-1213011343-4006949943-1000 => C:\Users\Fraser Ross\AppData\Local\Citrix\GoToMeeting\5808\g2mupdate.exe [2016-11-06] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {6EE898C9-D8A9-466F-9241-ED7E6FCAC876} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {727DBBF7-E3A0-4AE7-A257-B9A0A1536799} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {76150396-6FDD-45B9-9FAA-279A9BB9D189} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7617D5C2-B966-44C9-8E3A-1C529B076AA1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7B2D1CDD-9D4D-461C-8D89-240FE5D6A32E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {930F199B-1229-4FFB-B1C0-167A3C9F638B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {93D7E656-3CD3-4C3B-97A5-F4640A21D915} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A75A5409-1266-4CCC-93CE-1514722F7CCF} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BD8BCE79-B145-453A-98AB-33DE7536E50E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BFC18358-6B16-4810-899F-DF2DA5932BC8} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C472FF2B-C064-46B1-B8F0-ED17BBBC28B8} - System32\Tasks\CCleanerSkipUAC => I:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {D09BFFB9-0840-46A4-AA20-8B126ABC634C} - System32\Tasks\{6DDCC59A-CD43-492C-AF13-CAAF0BD3C4DD} => pcalua.exe -a "F:\Program Files (x86)\Borland\BDS\4.0\Bin\bds.exe" -d "C:\Users\Fraser Ross\Desktop" -c -pCBuilder
Task: {DFA8DD62-74B1-4532-B046-965AEF719A75} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {E1F2A746-33F2-4467-9BC7-5782C90C121A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {ECD18769-71C6-4A06-819E-C2C99305EDC7} - System32\Tasks\G2MUploadTask-S-1-5-21-3240783315-1213011343-4006949943-1000 => C:\Users\Fraser Ross\AppData\Local\Citrix\GoToMeeting\5808\g2mupload.exe [2016-11-06] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EF86434C-58BB-47B1-8E28-9E9F3C07AB7B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3240783315-1213011343-4006949943-1000.job => C:\Users\Fraser Ross\AppData\Local\Citrix\GoToMeeting\5808\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3240783315-1213011343-4006949943-1000.job => C:\Users\Fraser Ross\AppData\Local\Citrix\GoToMeeting\5808\g2mupload.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Fraser Ross\Desktop\CheckAll.BAT - Shortcut.lnk -> D:\CheckAll.BAT ()
ShortcutWithArgument: C:\Users\Fraser Ross\Desktop\Intel(R) Integrator Toolkit 5.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.intel.com/go/itk
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 11:42 - 2016-07-16 11:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-11-08 17:34 - 2016-09-15 17:25 - 02681200 ____C () C:\WINDOWS\system32\CoreUIComponents.dll
2014-03-11 19:09 - 2011-03-15 14:18 - 00055920 _____ () C:\Program Files (x86)\VIA\RAID\vialogsv.exe
2016-11-08 17:34 - 2016-09-15 17:25 - 02681200 ____C () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-06 18:11 - 2016-11-06 18:11 - 00959168 ____C () C:\Users\Fraser Ross\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2013-10-01 11:00 - 2013-10-01 11:00 - 02811008 _____ () I:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2016-11-08 17:34 - 2016-09-07 04:56 - 00134656 ____C () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-11 11:28 - 2016-11-02 10:30 - 00474112 ____C () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-11 11:28 - 2016-11-02 10:21 - 09760768 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-11 11:28 - 2016-11-02 10:15 - 01401856 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-11 11:27 - 2016-11-02 10:14 - 00757248 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-11 11:28 - 2016-11-02 10:16 - 02424320 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-11 11:28 - 2016-11-02 10:17 - 04853760 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-20 17:14 - 2015-11-20 17:14 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-03-11 19:09 - 2011-03-15 14:18 - 02378352 _____ () C:\Program Files (x86)\VIA\RAID\raid_tool.exe
2015-11-03 06:42 - 2015-11-03 06:42 - 00794920 _____ () I:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kpcengine.2.3.dll
2016-11-07 16:07 - 2014-05-13 12:04 - 00109400 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-11-07 16:07 - 2014-05-13 12:04 - 00416600 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-11-07 16:07 - 2014-05-13 12:04 - 00167768 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-11-07 16:07 - 2012-08-23 10:38 - 00574840 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-03-11 19:09 - 2011-02-14 10:42 - 00200704 _____ () C:\Program Files (x86)\VIA\RAID\drvInterface.dll
2014-03-11 19:09 - 2011-02-14 10:53 - 00581632 ____R () C:\Program Files (x86)\VIA\RAID\language.dll
2015-09-04 12:59 - 2013-05-13 14:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-02-04 18:25 - 2014-02-04 18:25 - 00036672 _____ () I:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2014-02-04 18:25 - 2014-02-04 18:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-02-04 18:28 - 2014-02-04 18:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7916 more sites.
IE trusted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\amazon.co.uk -> hxxps://www.amazon.co.uk
IE trusted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\flightradar24.com -> hxxp://www.flightradar24.com
IE trusted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\grc.com -> hxxps://www.grc.com
IE trusted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\mathhelpforum.com -> hxxp://mathhelpforum.com
IE trusted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\spybot.info -> hxxps://forums.spybot.info
IE trusted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\sqa.org.uk -> hxxp://www.sqa.org.uk
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\123simsen.com -> www.123simsen.com
There are 7917 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 05:26 - 2016-11-07 15:55 - 00457232 ___RC C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15664 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ipTray.exe"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{DDE39860-F093-48C0-92AE-F20AE4E9293C}F:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) F:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [TCP Query User{94D7EFA7-7C30-41C0-A646-B034E18CCDE5}F:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) F:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [{69BB2A43-6432-4197-84BA-0A6D53CC67DF}] => (Allow) I:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{71CE1664-5775-451E-BDEA-3165794CD998}] => (Allow) I:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{F48EC2A6-8641-4D65-A3E3-A7A94E9E38E6}] => (Allow) I:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{60A08461-5E5D-49F6-899F-EAD93C58EAFC}] => (Allow) I:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{3A86F1FA-02AA-4954-ABDC-8DDD72BF183A}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{03C4DB14-47F2-4AA8-B96A-36F2BE0BCB4B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{621C3756-B648-4EAC-B040-F1C3D66B0419}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{3CEA4340-F82C-4FA2-B5A0-208369499C82}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{1FAE52D3-36E4-4407-8F26-3BD4DDE04367}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{EA787F38-A4F2-4A92-BEDE-1C9F8BC6553A}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{C420BEAD-F384-4E95-9976-654B744379C0}] => (Allow) C:\Users\Fraser Ross\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E7665847-4365-41FB-83D8-BF2BE8F04754}] => (Allow) C:\Users\Fraser Ross\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{48433FEE-4B5F-48F7-842A-88546111B894}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{6E89B0E9-370B-4874-BF47-EA4184861981}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{6B77AE7A-446E-4455-8E21-9F3D59ED4FB7}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{4472BECD-C723-4EC9-95AD-753C9284F96D}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{55EC2839-BFF4-43AA-8E21-D7CE37FDDABE}I:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) I:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{592C50DC-EF56-4866-A47D-B0A6E8B2B3AF}I:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) I:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [{F010CB94-478A-41C0-86E8-DE523D3C7DBD}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{9B722DDC-F588-4389-8930-25C4A0F98814}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [TCP Query User{A8025628-85E1-486C-B4C8-4E2A4156EC7B}F:\program files (x86)\embarcadero\studio\16.0\bin\bds.exe] => (Allow) F:\program files (x86)\embarcadero\studio\16.0\bin\bds.exe
FirewallRules: [UDP Query User{1197FF32-6D62-42A7-B594-03FC86103457}F:\program files (x86)\embarcadero\studio\16.0\bin\bds.exe] => (Allow) F:\program files (x86)\embarcadero\studio\16.0\bin\bds.exe
FirewallRules: [{DCAECFA8-378C-4D3F-A3B6-B7F810C0956E}] => (Allow) I:\Program Files (x86)\Laplink\PCmover\pcmover.exe
FirewallRules: [{E5545D88-90F9-415F-A6B6-0E0540A5C18F}] => (Allow) C:\Program Files (x86)\B-Link\Common\RaUI.exe
FirewallRules: [{095D6308-9CDF-4AF0-BDDF-F2087E2861C4}] => (Allow) C:\Program Files (x86)\B-Link\Common\RaUI.exe
FirewallRules: [{121694BF-C97A-4903-9AE9-582983BD51EB}] => (Allow) C:\Program Files (x86)\B-Link\Common\ApUI.exe
FirewallRules: [{546BA8E0-B040-4D0F-9AC3-28345CCA57C4}] => (Allow) C:\Program Files (x86)\B-Link\Common\ApUI.exe
FirewallRules: [{0221E934-7552-4A09-BF77-CA179CF70C42}] => (Allow) I:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{02133C94-EF5E-403B-BAB4-1548E9DFEE0A}] => (Allow) I:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EB22DF4B-2815-4A53-888E-0DBB3092AEE6}] => (Allow) C:\Program Files (x86)\B-Link\Common\RaMediaServer.exe
FirewallRules: [{93D7A67C-BFFC-4337-9FA4-80D1EA76C875}] => (Allow) C:\Program Files (x86)\B-Link\Common\RaMediaServer.exe
FirewallRules: [{F201ED2B-46DB-4B8A-B40E-50898AEC4B2B}] => (Allow) F:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\WDExpress.exe
FirewallRules: [{EFCA261C-2C31-4FB6-84BA-C3273561C64D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{AE64BBD5-3E5D-4910-BB61-27136B21B39F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/12/2016 10:40:13 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/12/2016 10:40:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/12/2016 10:40:08 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/12/2016 10:40:08 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/12/2016 10:27:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/12/2016 10:27:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/12/2016 10:27:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/12/2016 10:27:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/12/2016 10:26:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FROSSDESKTOP)
Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/12/2016 10:16:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FROSSDESKTOP)
Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (11/12/2016 10:25:23 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the StartW8Service service.
Error: (11/12/2016 10:25:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetTcpPortSharing service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/12/2016 10:25:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NetTcpPortSharing service to connect.
Error: (11/12/2016 10:25:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (11/12/2016 10:25:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (11/12/2016 10:25:07 AM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Protocol engine [IKEv2] failed to initialize. The request is not supported.
Error: (11/12/2016 10:25:07 AM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Protocol engine [rasgreeng.dll] failed to initialize. The specified module could not be found.
Error: (11/12/2016 10:23:09 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the StartW8Service service.
Error: (11/12/2016 10:14:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (11/12/2016 10:06:14 AM) (Source: DCOM) (EventID: 10001) (User: FROSSDESKTOP)
Description: Unable to start a DCOM Server: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error:
"15616"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
CodeIntegrity:
===================================
Date: 2016-11-12 10:38:29.583
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume11\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-12 10:37:33.260
Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume11\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2016-11-12 10:29:45.802
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume11\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-12 10:04:20.831
Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume11\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2016-11-12 09:49:59.559
Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume11\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2016-11-12 09:38:41.979
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume11\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-12 09:35:47.568
Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume11\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.
Date: 2016-11-12 09:05:47.028
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume11\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-12 09:01:47.805
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume11\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-12 09:00:19.231
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume11\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU G840 @ 2.80GHz
Percentage of memory in use: 30%
Total physical RAM: 8085 MB
Available physical RAM: 5645.01 MB
Total Virtual: 16277 MB
Available Virtual: 13843.2 MB
==================== Drives ================================
Drive c: (WINDOWS8PRO) (Fixed) (Total:74.53 GB) (Free:29.65 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (PERSONAL) (Fixed) (Total:19.08 GB) (Free:13.97 GB) NTFS
Drive e: (MS-DOS) (Fixed) (Total:0.27 GB) (Free:0.17 GB) FAT32
Drive f: (PROGRAMMING) (Fixed) (Total:56.91 GB) (Free:50.87 GB) NTFS
Drive g: (STORE) (Fixed) (Total:10.47 GB) (Free:5.69 GB) NTFS
Drive h: (SOFTWARE) (Fixed) (Total:58.6 GB) (Free:32.67 GB) NTFS
Drive i: (PROGRAM FILES) (Fixed) (Total:26.26 GB) (Free:21.06 GB) NTFS
Drive j: (BACKUP) (Fixed) (Total:53.36 GB) (Free:26.95 GB) NTFS
Drive w: (VIDEOS) (Fixed) (Total:40.78 GB) (Free:0.97 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 445FB159)
Partition 1: (Not Active) - (Size=40.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=83.2 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 45FC08D3)
Partition 1: (Not Active) - (Size=26.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=206.6 GB) - (Type=OF Extended)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 0D061142)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
The problem seems to be with TCP/IP. I have ran "netsh int ip reset" and it does not fully work.
I would like to see if we can turn System restore back on, it's something we need to try first.
if thats the problem with not being able to create a restore point.
Please look at this link and attempt to turn on System Restore
http://www.thewindowsclub.com/system...estore-windows
~~~~~~~~~~~`
Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)
Open FRST/FRST64 and press the > Fix < button just once and wait.start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SearchScopes: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000 -> DefaultScope {F2872BFE-A208-4FD9-B4AC-B57C0068ABC9} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-08] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-08] (Oracle Corporation)
ShortcutWithArgument: C:\Users\Fraser Ross\Desktop\Intel(R) Integrator Toolkit 5.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.intel.com/go/itk
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
EmptyTemp:
End
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
Windows Insider MVP Consumer Security 2009 - 2017
Please do not PM me for Malware help, we all benefit from posting on the open board.
I have enables system restore.
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by Fraser Ross (12-11-2016 14:48:48) Run:2
Running from C:\Users\Fraser Ross\Desktop
Loaded Profiles: Fraser Ross (Available Profiles: Fraser Ross)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SearchScopes: HKU\S-1-5-21-3240783315-1213011343-4006949943-1000 -> DefaultScope {F2872BFE-A208-4FD9-B4AC-B57C0068ABC9} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-08] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-08] (Oracle Corporation)
ShortcutWithArgument: C:\Users\Fraser Ross\Desktop\Intel(R) Integrator Toolkit 5.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.intel.com/go/itk
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDesktop => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableCMD => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispBackgroundPage => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispSettingsPage => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value removed successfully
HKU\S-1-5-21-3240783315-1213011343-4006949943-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
C:\Users\Fraser Ross\Desktop\Intel(R) Integrator Toolkit 5.lnk => Shortcut argument removed successfully.
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= netsh winsock reset all =========
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= End of CMD: =========
========= netsh int ipv4 reset =========
Resetting Interface, OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Restart the computer to complete this action.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Resetting Interface, OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Restart the computer to complete this action.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8699177 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 25817 B
Edge => 0 B
Chrome => 0 B
Firefox => 5016567 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 12581716 B
NetworkService => 0 B
Fraser Ross => 32974617 B
RecycleBin => 0 B
EmptyTemp: => 56.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:51:32 ====
There was a blue screen crash after running this but it had finished and it rebooted.
no idea why it would had a blue screen but, it appears all went as expected from the scripting.
Now, 2 tools I would like you to run, they are to check for policies maybe not seen and if anything rogue remains.
RogueKiller Scan
- Please download RogueKiller (x32) / RogueKiller (x64) and save the file to your Desktop.
- Close any running programmes.
- Double-click RogueKillerx64.exe to run the programme.
- Follow the prompts. If a browser window opens, close the window.
- In the HOME tab, click Start Scan.
- Upon completion, a browser window may open. Close this window.
- Please do not have RogueKiller remove any detected items.
- Click the HISTORY tab, followed by Scan Reports.
- Double-click the scan log, and click Open TXT.
- Copy the contents of the log and paste in your next reply.
- Close RogueKiller.
~~~~
Please download Emsisoft Emergency Kit and save it to your desktop.
Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop.
- Leave all settings as they are and click the Extract button at the bottom.
- A folder named EEK will be created in the root of the drive (usually c:\).
- After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
- The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates.
- Please click Yes so that it downloads the latest database updates.
- When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen.
- Click on Scan to be taken to the scan options.
- If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes.
- Click on the Malware Scan button to start the scan.
- When the scan is completed click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
- Please save the log in Notepad on your desktop, and copy it to your next reply.
- When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
Windows Insider MVP Consumer Security 2009 - 2017
Please do not PM me for Malware help, we all benefit from posting on the open board.
Posting Permissions
