Jump to content

canopicjar

Members
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral
  1. FRST.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-07-2016 Ran by Travis (administrator) on DESKTOP-83HGFCR (24-07-2016 16:58:18) Running from G:\Downloads Loaded Profiles: Travis & postgres (Available Profiles: Travis & postgres) Platform: Windows 10 Home Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: "G:\Program Files\firefox.exe" -osint -url "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Spotify Ltd) C:\Users\Travis\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Travis\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Travis\AppData\Roaming\Spotify\SpotifyCrashService.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Spotify Ltd) C:\Users\Travis\AppData\Roaming\Spotify\Spotify.exe (Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Spotify Ltd) C:\Users\Travis\AppData\Roaming\Spotify\Spotify.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Mozilla Corporation) G:\Program Files\firefox.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe\HxMail.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Mozilla Corporation) G:\Program Files\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => G:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [109824 2016-05-03] (Panda Security, S.L.) HKU\S-1-5-21-2258500036-648294569-3129794070-1001\...\Run: [Steam] => G:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation) HKU\S-1-5-21-2258500036-648294569-3129794070-1001\...\Run: [Spotify Web Helper] => C:\Users\Travis\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-13] (Spotify Ltd) HKU\S-1-5-21-2258500036-648294569-3129794070-1001\...\Run: [Spotify] => C:\Users\Travis\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-13] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-06-19] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-04-16] ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks) Startup: C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3eaf50.lnk [2016-07-23] ShortcutTarget: 3eaf50.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.200.1 Tcpip\..\Interfaces\{0a305841-e7c0-465a-a908-921391cf2700}: [DhcpNameServer] 192.168.200.1 Tcpip\..\Interfaces\{111aeaa5-d341-4db4-ac08-41fe8d24d00b}: [DhcpNameServer] 192.168.200.1 Tcpip\..\Interfaces\{d2123ff3-29a2-4f2b-97e9-3ad6960dfe3d}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== FireFox: ======== FF ProfilePath: C:\Users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\aibaasbs.default FF DefaultSearchEngine.US: Google FF Session Restore: -> is enabled. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems) FF Plugin HKU\S-1-5-21-2258500036-648294569-3129794070-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.) StartMenuInternet: FIREFOX.EXE - G:\Program Files\firefox.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-03-21] (Advanced Micro Devices) [File not signed] R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [113160 2015-11-26] (Creative Technology Ltd) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company) R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-02-12] (Rivet Networks) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [153096 2016-05-03] (Panda Security, S.L.) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 postgresql-x64-9.2; C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe [89600 2013-04-01] (PostgreSQL Global Development Group) [File not signed] R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48584 2016-05-03] (Panda Security, S.L.) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-10-03] (CyberLink) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [111120 2016-02-11] (Advanced Micro Devices) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [144456 2016-02-12] (Rivet Networks, LLC.) R3 cthda; C:\Windows\system32\drivers\cthda.sys [1067304 2015-11-26] (Creative Technology Ltd) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [530416 2016-04-16] (Intel Corporation) R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [162456 2016-02-12] (Qualcomm Atheros, Inc.) S3 LECs6022; C:\Windows\System32\drivers\LECs6022.sys [17408 2010-11-05] (Primax Electronics Ltd.) S3 LEMo6022; C:\Windows\System32\drivers\LEMo6022.sys [24064 2012-06-06] (Primax Electronics Ltd.) S3 LEub6022; C:\Windows\System32\drivers\LEub6022.sys [18432 2011-01-05] (Primax Electronics Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-24] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [204032 2016-01-19] (Intel Corporation) R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2504192 2015-10-30] (MediaTek Inc.) R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103856 2015-12-10] (Panda Security, S.L.) R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [210864 2015-12-10] (Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120240 2015-12-10] (Panda Security, S.L.) R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120240 2015-12-10] (Panda Security, S.L.) R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.) R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112560 2015-12-10] (Panda Security, S.L.) R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [82864 2016-03-17] (Panda Security, S.L.) R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133552 2015-12-10] (Panda Security, S.L.) R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309680 2015-12-10] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179632 2016-02-18] (Panda Security, S.L.) R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122800 2015-12-10] (Panda Security, S.L.) R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267184 2016-02-18] (Panda Security, S.L.) R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115632 2015-12-10] (Panda Security, S.L.) S3 pelmouse; C:\Windows\system32\DRIVERS\pelmouse.sys [23040 2015-12-17] (TPMX Electronics Ltd.) S3 pelusblf; C:\Windows\system32\DRIVERS\pelusblf.sys [35328 2016-01-14] (TPMX Electronics Ltd.) S3 pelvendr; C:\Windows\system32\DRIVERS\pelvendr.sys [11776 2009-11-02] (TPMX Electronics Ltd.) R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [174000 2016-02-18] (Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [129456 2016-02-18] (Panda Security, S.L.) R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207280 2016-02-18] (Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133552 2016-02-18] (Panda Security, S.L.) R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [146864 2016-02-24] (Panda Security, S.L.) R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117168 2016-02-18] (Panda Security, S.L.) U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-04-26] (Wellbia.com Co., Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-07-23 22:01 - 2016-07-23 22:01 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus.lnk 2016-07-23 22:01 - 2016-07-23 22:01 - 00002266 _____ C:\Users\Public\Desktop\Panda Free Antivirus.lnk 2016-07-23 22:01 - 2016-07-23 22:01 - 00000000 ____D C:\Users\Travis\AppData\Roaming\Panda Security 2016-07-23 22:01 - 2016-07-23 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus 2016-07-23 22:01 - 2016-07-23 22:01 - 00000000 ____D C:\Program Files (x86)\Panda Security 2016-07-23 22:01 - 2016-02-24 08:26 - 00146864 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINProt.sys 2016-07-23 22:01 - 2016-02-18 12:37 - 00207280 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINKNC.sys 2016-07-23 22:01 - 2016-02-18 12:37 - 00174000 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINAflt.sys 2016-07-23 22:01 - 2016-02-18 12:37 - 00133552 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINProc.sys 2016-07-23 22:01 - 2016-02-18 12:37 - 00129456 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINFile.sys 2016-07-23 22:01 - 2016-02-18 12:37 - 00117168 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINReg.sys 2016-07-23 22:01 - 2015-06-16 10:41 - 00062080 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys 2016-07-23 22:00 - 2016-07-23 22:01 - 00000000 ____D C:\ProgramData\Panda Security 2016-07-23 21:40 - 2016-07-24 16:58 - 00000000 ____D C:\FRST 2016-07-23 16:33 - 2016-07-24 14:09 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-07-23 16:33 - 2016-07-23 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-07-23 16:33 - 2016-07-23 16:33 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-07-23 16:33 - 2016-07-23 16:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-07-23 16:33 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-07-23 16:33 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-07-23 16:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-07-23 16:31 - 2016-07-23 17:45 - 00000000 ____D C:\Users\Travis\AppData\Local\63a09b 2016-07-23 16:31 - 2016-07-23 16:31 - 00000000 ____D C:\Users\Travis\AppData\Roaming\4725e7 2016-07-12 18:21 - 2016-07-01 01:30 - 00284352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe 2016-07-12 18:21 - 2016-07-01 00:49 - 07469408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-07-12 18:21 - 2016-07-01 00:49 - 00337336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 01554152 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 01552104 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 01299504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 01092464 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 00847656 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 00498960 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2016-07-12 18:21 - 2016-07-01 00:34 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-07-12 18:21 - 2016-07-01 00:34 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-07-12 18:21 - 2016-07-01 00:34 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2016-07-12 18:21 - 2016-07-01 00:33 - 04515256 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-07-12 18:21 - 2016-07-01 00:33 - 01750440 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe 2016-07-12 18:21 - 2016-07-01 00:33 - 00730352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll 2016-07-12 18:21 - 2016-07-01 00:33 - 00725776 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2016-07-12 18:21 - 2016-07-01 00:33 - 00374008 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2016-07-12 18:21 - 2016-07-01 00:33 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe 2016-07-12 18:21 - 2016-07-01 00:32 - 01603224 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll 2016-07-12 18:21 - 2016-07-01 00:32 - 01540224 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2016-07-12 18:21 - 2016-07-01 00:32 - 00692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2016-07-12 18:21 - 2016-07-01 00:31 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-07-12 18:21 - 2016-07-01 00:31 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-07-12 18:21 - 2016-07-01 00:31 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-07-12 18:21 - 2016-07-01 00:25 - 02773096 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2016-07-12 18:21 - 2016-07-01 00:25 - 02145032 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll 2016-07-12 18:21 - 2016-07-01 00:25 - 01987936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-07-12 18:21 - 2016-07-01 00:25 - 00648256 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2016-07-12 18:21 - 2016-07-01 00:25 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys 2016-07-12 18:21 - 2016-07-01 00:25 - 00393568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2016-07-12 18:21 - 2016-07-01 00:24 - 00911648 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll 2016-07-12 18:21 - 2016-07-01 00:23 - 01349640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2016-07-12 18:21 - 2016-07-01 00:21 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-07-12 18:21 - 2016-07-01 00:21 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2016-07-12 18:21 - 2016-07-01 00:20 - 00503600 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll 2016-07-12 18:21 - 2016-07-01 00:20 - 00388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll 2016-07-12 18:21 - 2016-07-01 00:20 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe 2016-07-12 18:21 - 2016-07-01 00:19 - 05240960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2016-07-12 18:21 - 2016-07-01 00:19 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-07-12 18:21 - 2016-07-01 00:11 - 01522160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-07-12 18:21 - 2016-07-01 00:00 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2016-07-12 18:21 - 2016-06-30 23:58 - 00824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll 2016-07-12 18:21 - 2016-06-30 23:57 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll 2016-07-12 18:21 - 2016-06-30 23:57 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\cdpreference.exe 2016-07-12 18:21 - 2016-06-30 23:56 - 22379520 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2016-07-12 18:21 - 2016-06-30 23:56 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll 2016-07-12 18:21 - 2016-06-30 23:53 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll 2016-07-12 18:21 - 2016-06-30 23:53 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll 2016-07-12 18:21 - 2016-06-30 23:53 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll 2016-07-12 18:21 - 2016-06-30 23:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2016-07-12 18:21 - 2016-06-30 23:52 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2016-07-12 18:21 - 2016-06-30 23:50 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2016-07-12 18:21 - 2016-06-30 23:50 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2016-07-12 18:21 - 2016-06-30 23:50 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\FingerprintEnrollment.dll 2016-07-12 18:21 - 2016-06-30 23:50 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll 2016-07-12 18:21 - 2016-06-30 23:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-07-12 18:21 - 2016-06-30 23:49 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Maps.dll 2016-07-12 18:21 - 2016-06-30 23:49 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2016-07-12 18:21 - 2016-06-30 23:49 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll 2016-07-12 18:21 - 2016-06-30 23:48 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2016-07-12 18:21 - 2016-06-30 23:48 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2016-07-12 18:21 - 2016-06-30 23:48 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2016-07-12 18:21 - 2016-06-30 23:48 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\WmpDui.dll 2016-07-12 18:21 - 2016-06-30 23:48 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 24610304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00510464 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00475648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00387072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00484352 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00448000 _____ (Microsoft Corporation) C:\Windows\system32\winipcfile.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00892416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 14252544 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 02088960 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 02012672 _____ (Microsoft Corporation) C:\Windows\system32\winmsipc.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 01434112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 01240064 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 02127360 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-07-12 18:21 - 2016-06-30 23:41 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2016-07-12 18:21 - 2016-06-30 23:41 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationFrame.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2016-07-12 18:21 - 2016-06-30 23:41 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 02731008 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 01902592 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2016-07-12 18:21 - 2016-06-30 23:39 - 13018112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2016-07-12 18:21 - 2016-06-30 23:39 - 01752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-07-12 18:21 - 2016-06-30 23:39 - 01717248 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2016-07-12 18:21 - 2016-06-30 23:39 - 01211904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll 2016-07-12 18:21 - 2016-06-30 23:39 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2016-07-12 18:21 - 2016-06-30 23:38 - 04456448 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2016-07-12 18:21 - 2016-06-30 23:38 - 01671168 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-07-12 18:21 - 2016-06-30 23:38 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll 2016-07-12 18:21 - 2016-06-30 23:38 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll 2016-07-12 18:21 - 2016-06-30 23:38 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IconCodecService.dll 2016-07-12 18:21 - 2016-06-30 23:37 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll 2016-07-12 18:21 - 2016-06-30 23:37 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll 2016-07-12 18:21 - 2016-06-30 23:37 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll 2016-07-12 18:21 - 2016-06-30 23:36 - 03415040 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll 2016-07-12 18:21 - 2016-06-30 23:36 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\winipcsecproc.dll 2016-07-12 18:21 - 2016-06-30 23:36 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll 2016-07-12 18:21 - 2016-06-30 23:36 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll 2016-07-12 18:21 - 2016-06-30 23:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2016-07-12 18:21 - 2016-06-30 23:34 - 09919488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2016-07-12 18:21 - 2016-06-30 23:34 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2016-07-12 18:21 - 2016-06-30 23:34 - 03428864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2016-07-12 18:21 - 2016-06-30 23:34 - 00636928 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2016-07-12 18:21 - 2016-06-30 23:34 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll 2016-07-12 18:21 - 2016-06-30 23:33 - 06675968 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe 2016-07-12 18:21 - 2016-06-30 23:33 - 02285568 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll 2016-07-12 18:21 - 2016-06-30 23:33 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2016-07-12 18:21 - 2016-06-30 23:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll 2016-07-12 18:21 - 2016-06-30 23:32 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2016-07-12 18:21 - 2016-06-30 23:32 - 02563584 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2016-07-12 18:21 - 2016-06-30 23:32 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-07-12 18:21 - 2016-06-30 23:31 - 19347968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-07-12 18:21 - 2016-06-30 23:31 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2016-07-12 18:21 - 2016-06-30 23:31 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\StikyNot.exe 2016-07-12 18:21 - 2016-06-30 23:30 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 00546816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe 2016-07-12 18:21 - 2016-06-30 23:30 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 05503488 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 03589632 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2016-07-12 18:21 - 2016-06-30 23:29 - 03355136 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe 2016-07-12 18:21 - 2016-06-30 23:29 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll 2016-07-12 18:21 - 2016-06-30 23:28 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2016-07-12 18:21 - 2016-06-30 23:28 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll 2016-07-12 18:21 - 2016-06-30 23:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 01946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 01729024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00559616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2016-07-12 18:21 - 2016-06-30 23:27 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 04895232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 03026944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 01755648 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 02050048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-07-12 18:21 - 2016-06-30 23:25 - 01121792 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 01117184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 12586496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 01588224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 01467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 00673280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2016-07-12 18:21 - 2016-06-30 23:23 - 03695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2016-07-12 18:21 - 2016-06-30 23:23 - 01526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-07-12 18:21 - 2016-06-30 23:23 - 00760320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2016-07-12 18:21 - 2016-06-30 23:23 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll 2016-07-12 18:21 - 2016-06-30 23:22 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll 2016-07-12 18:21 - 2016-06-30 23:22 - 00965120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll 2016-07-12 18:21 - 2016-06-30 23:22 - 00639488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll 2016-07-12 18:21 - 2016-06-30 23:21 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\RADCUI.dll 2016-07-12 18:21 - 2016-06-30 23:20 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-07-12 18:21 - 2016-06-30 23:19 - 01987072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2016-07-12 18:21 - 2016-06-30 23:19 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2016-07-12 18:21 - 2016-06-30 23:18 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll 2016-07-12 18:21 - 2016-06-30 23:18 - 03663360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-07-12 18:21 - 2016-06-30 23:16 - 02771968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2016-07-12 18:21 - 2016-06-30 23:16 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2016-07-12 18:21 - 2016-06-30 23:15 - 04413440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-07-12 18:21 - 2016-06-30 23:15 - 02217984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2016-07-12 18:21 - 2016-06-30 23:15 - 02102272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll 2016-07-12 18:21 - 2016-06-30 23:15 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll 2016-07-12 18:21 - 2016-06-30 23:14 - 05660672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2016-07-12 18:21 - 2016-06-30 23:13 - 06740992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2016-07-12 18:21 - 2016-06-30 23:13 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2016-07-12 18:21 - 2016-06-30 23:12 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-07-12 18:21 - 2016-06-30 23:09 - 02632192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2016-07-12 18:21 - 2016-06-30 23:08 - 01976832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2016-07-12 18:21 - 2016-06-30 23:08 - 00517632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 01505984 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 01223872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 00587456 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 00559808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 00310464 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-07-12 18:20 - 2016-07-01 00:50 - 00037232 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll 2016-07-12 18:20 - 2016-07-01 00:49 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-07-12 18:20 - 2016-07-01 00:49 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-07-12 18:20 - 2016-07-01 00:49 - 01141504 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-07-12 18:20 - 2016-07-01 00:49 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-07-12 18:20 - 2016-07-01 00:49 - 00874968 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-07-12 18:20 - 2016-07-01 00:49 - 00277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2016-07-12 18:20 - 2016-07-01 00:48 - 02656408 _____ C:\Windows\system32\CoreUIComponents.dll 2016-07-12 18:20 - 2016-07-01 00:48 - 01238584 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe 2016-07-12 18:20 - 2016-07-01 00:45 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-07-12 18:20 - 2016-07-01 00:43 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll 2016-07-12 18:20 - 2016-07-01 00:43 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-07-12 18:20 - 2016-07-01 00:39 - 01557776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-07-12 18:20 - 2016-07-01 00:38 - 01862008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll 2016-07-12 18:20 - 2016-07-01 00:38 - 01083656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe 2016-07-12 18:20 - 2016-07-01 00:38 - 00256192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll 2016-07-12 18:20 - 2016-07-01 00:38 - 00032552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll 2016-07-12 18:20 - 2016-07-01 00:35 - 00586208 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-07-12 18:20 - 2016-07-01 00:35 - 00035656 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-07-12 18:20 - 2016-07-01 00:33 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-07-12 18:20 - 2016-07-01 00:33 - 00566104 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2016-07-12 18:20 - 2016-07-01 00:32 - 06605544 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll 2016-07-12 18:20 - 2016-07-01 00:32 - 06536256 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2016-07-12 18:20 - 2016-07-01 00:32 - 01128104 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe 2016-07-12 18:20 - 2016-07-01 00:32 - 01040800 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll 2016-07-12 18:20 - 2016-07-01 00:32 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll 2016-07-12 18:20 - 2016-07-01 00:32 - 00106928 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe 2016-07-12 18:20 - 2016-07-01 00:32 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll 2016-07-12 18:20 - 2016-07-01 00:24 - 01776768 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 01118208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 00925576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 00709176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 00511320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 00451936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 00032040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2016-07-12 18:20 - 2016-07-01 00:21 - 28851224 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll 2016-07-12 18:20 - 2016-07-01 00:21 - 02403168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-07-12 18:20 - 2016-07-01 00:21 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-07-12 18:20 - 2016-07-01 00:21 - 00376536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll 2016-07-12 18:20 - 2016-07-01 00:20 - 21123320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-07-12 18:20 - 2016-07-01 00:20 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2016-07-12 18:20 - 2016-07-01 00:19 - 01355336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll 2016-07-12 18:20 - 2016-07-01 00:19 - 00836760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll 2016-07-12 18:20 - 2016-07-01 00:19 - 00569752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2016-07-12 18:20 - 2016-07-01 00:18 - 00064584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll 2016-07-12 18:20 - 2016-07-01 00:17 - 01536600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-07-12 18:20 - 2016-07-01 00:12 - 02186864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2016-07-12 18:20 - 2016-07-01 00:12 - 01866104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll 2016-07-12 18:20 - 2016-07-01 00:11 - 00521152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2016-07-12 18:20 - 2016-07-01 00:10 - 00675064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll 2016-07-12 18:20 - 2016-07-01 00:07 - 28083144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll 2016-07-12 18:20 - 2016-07-01 00:03 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll 2016-07-12 18:20 - 2016-07-01 00:03 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-07-12 18:20 - 2016-06-30 23:59 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll 2016-07-12 18:20 - 2016-06-30 23:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll 2016-07-12 18:20 - 2016-06-30 23:56 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe 2016-07-12 18:20 - 2016-06-30 23:55 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2016-07-12 18:20 - 2016-06-30 23:55 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll 2016-07-12 18:20 - 2016-06-30 23:55 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\IconCodecService.dll 2016-07-12 18:20 - 2016-06-30 23:54 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll 2016-07-12 18:20 - 2016-06-30 23:54 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll 2016-07-12 18:20 - 2016-06-30 23:54 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll 2016-07-12 18:20 - 2016-06-30 23:53 - 01567744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 16985088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\tzautoupdate.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe 2016-07-12 18:20 - 2016-06-30 23:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2016-07-12 18:20 - 2016-06-30 23:51 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll 2016-07-12 18:20 - 2016-06-30 23:51 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll 2016-07-12 18:20 - 2016-06-30 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll 2016-07-12 18:20 - 2016-06-30 23:50 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll 2016-07-12 18:20 - 2016-06-30 23:50 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll 2016-07-12 18:20 - 2016-06-30 23:50 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll 2016-07-12 18:20 - 2016-06-30 23:50 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\SimCfg.dll 2016-07-12 18:20 - 2016-06-30 23:50 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2016-07-12 18:20 - 2016-06-30 23:48 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2016-07-12 18:20 - 2016-06-30 23:48 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2016-07-12 18:20 - 2016-06-30 23:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll 2016-07-12 18:20 - 2016-06-30 23:48 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe 2016-07-12 18:20 - 2016-06-30 23:48 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2016-07-12 18:20 - 2016-06-30 23:48 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\SimAuth.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe 2016-07-12 18:20 - 2016-06-30 23:47 - 00394752 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe 2016-07-12 18:20 - 2016-06-30 23:46 - 00565760 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\fhsettingsprovider.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack_win.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2016-07-12 18:20 - 2016-06-30 23:45 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2016-07-12 18:20 - 2016-06-30 23:44 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll 2016-07-12 18:20 - 2016-06-30 23:44 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2016-07-12 18:20 - 2016-06-30 23:44 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll 2016-07-12 18:20 - 2016-06-30 23:44 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-07-12 18:20 - 2016-06-30 23:44 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00992256 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00529408 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2016-07-12 18:20 - 2016-06-30 23:43 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00651776 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe 2016-07-12 18:20 - 2016-06-30 23:41 - 01037824 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 01001472 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Search.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe 2016-07-12 18:20 - 2016-06-30 23:40 - 02103296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll 2016-07-12 18:20 - 2016-06-30 23:40 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll 2016-07-12 18:20 - 2016-06-30 23:40 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2016-07-12 18:20 - 2016-06-30 23:40 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll 2016-07-12 18:20 - 2016-06-30 23:40 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll 2016-07-12 18:20 - 2016-06-30 23:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll 2016-07-12 18:20 - 2016-06-30 23:39 - 01872896 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2016-07-12 18:20 - 2016-06-30 23:39 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll 2016-07-12 18:20 - 2016-06-30 23:39 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll 2016-07-12 18:20 - 2016-06-30 23:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe 2016-07-12 18:20 - 2016-06-30 23:38 - 06312448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll 2016-07-12 18:20 - 2016-06-30 23:38 - 01443840 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll 2016-07-12 18:20 - 2016-06-30 23:38 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll 2016-07-12 18:20 - 2016-06-30 23:38 - 00961536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2016-07-12 18:20 - 2016-06-30 23:38 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll 2016-07-12 18:20 - 2016-06-30 23:37 - 01051648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll 2016-07-12 18:20 - 2016-06-30 23:37 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll 2016-07-12 18:20 - 2016-06-30 23:37 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll 2016-07-12 18:20 - 2016-06-30 23:37 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll 2016-07-12 18:20 - 2016-06-30 23:36 - 02445312 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-07-12 18:20 - 2016-06-30 23:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll 2016-07-12 18:20 - 2016-06-30 23:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll 2016-07-12 18:20 - 2016-06-30 23:34 - 04170240 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2016-07-12 18:20 - 2016-06-30 23:34 - 00838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2016-07-12 18:20 - 2016-06-30 23:34 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll 2016-07-12 18:20 - 2016-06-30 23:33 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll 2016-07-12 18:20 - 2016-06-30 23:33 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2016-07-12 18:20 - 2016-06-30 23:32 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll 2016-07-12 18:20 - 2016-06-30 23:32 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2016-07-12 18:20 - 2016-06-30 23:32 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimCfg.dll 2016-07-12 18:20 - 2016-06-30 23:32 - 00096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll 2016-07-12 18:20 - 2016-06-30 23:32 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00994816 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2016-07-12 18:20 - 2016-06-30 23:31 - 00900608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00882688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WmpDui.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe 2016-07-12 18:20 - 2016-06-30 23:31 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimAuth.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 02902528 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 00248320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll 2016-07-12 18:20 - 2016-06-30 23:29 - 05123072 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2016-07-12 18:20 - 2016-06-30 23:29 - 04646912 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe 2016-07-12 18:20 - 2016-06-30 23:29 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2016-07-12 18:20 - 2016-06-30 23:29 - 00569856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-07-12 18:20 - 2016-06-30 23:29 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll 2016-07-12 18:20 - 2016-06-30 23:29 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 03577344 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 03046400 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 02912256 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00347648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 07533568 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 04827136 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 02444800 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 00519168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcfile.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 00284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 01063936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00585216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmsipc.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 01228800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00984576 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2016-07-12 18:20 - 2016-06-30 23:25 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00477184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe 2016-07-12 18:20 - 2016-06-30 23:24 - 04404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll 2016-07-12 18:20 - 2016-06-30 23:24 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-07-12 18:20 - 2016-06-30 23:24 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe 2016-07-12 18:20 - 2016-06-30 23:24 - 01487872 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll 2016-07-12 18:20 - 2016-06-30 23:24 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll 2016-07-12 18:20 - 2016-06-30 23:24 - 00434688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 03301376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 02578432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 01036288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe 2016-07-12 18:20 - 2016-06-30 23:23 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll 2016-07-12 18:20 - 2016-06-30 23:22 - 03053568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2016-07-12 18:20 - 2016-06-30 23:21 - 04078080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll 2016-07-12 18:20 - 2016-06-30 23:21 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2016-07-12 18:20 - 2016-06-30 23:21 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcsecproc.dll 2016-07-12 18:20 - 2016-06-30 23:21 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2016-07-12 18:20 - 2016-06-30 23:20 - 03555840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe 2016-07-12 18:20 - 2016-06-30 23:20 - 02798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2016-07-12 18:20 - 2016-06-30 23:20 - 00777728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll 2016-07-12 18:20 - 2016-06-30 23:19 - 06471168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe 2016-07-12 18:20 - 2016-06-30 23:19 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll 2016-07-12 18:20 - 2016-06-30 23:19 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll 2016-07-12 18:20 - 2016-06-30 23:19 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2016-07-12 18:20 - 2016-06-30 23:18 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll 2016-07-12 18:20 - 2016-06-30 23:18 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2016-07-12 18:20 - 2016-06-30 23:17 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2016-07-12 18:20 - 2016-06-30 23:17 - 02155008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-07-12 18:20 - 2016-06-30 23:16 - 02062336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 03459584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 02679808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 02501632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 01626112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll 2016-07-12 18:20 - 2016-06-30 23:14 - 04759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2016-07-12 18:20 - 2016-06-30 23:14 - 02680320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2016-07-12 18:20 - 2016-06-30 23:14 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-07-12 18:20 - 2016-06-30 23:14 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2016-07-12 18:20 - 2016-06-30 23:13 - 02849792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll 2016-07-12 18:20 - 2016-06-30 23:13 - 02519552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2016-07-12 18:20 - 2016-06-30 23:13 - 02000896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2016-07-12 18:20 - 2016-06-30 23:13 - 00835072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2016-07-12 18:20 - 2016-06-30 23:12 - 02179584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll 2016-07-12 18:20 - 2016-06-30 23:11 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2016-07-12 18:20 - 2016-06-30 23:08 - 00879616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2016-07-12 18:20 - 2016-06-28 07:20 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-07-12 18:20 - 2016-02-09 00:25 - 00304752 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe 2016-07-12 18:19 - 2016-06-30 23:55 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\LegacyNetUX.dll 2016-07-12 18:19 - 2016-06-30 23:50 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll 2016-07-12 18:19 - 2016-06-30 23:50 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll 2016-07-12 18:19 - 2016-06-30 23:49 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\LegacyNetUXHost.exe 2016-07-12 18:19 - 2016-06-30 23:47 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll 2016-07-12 18:19 - 2016-06-30 23:45 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll 2016-07-12 18:19 - 2016-06-30 23:44 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll 2016-07-12 18:19 - 2016-06-30 23:43 - 00947200 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll 2016-07-12 18:19 - 2016-06-30 23:43 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll 2016-07-12 18:19 - 2016-06-30 23:42 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll 2016-07-12 18:19 - 2016-06-30 23:42 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll 2016-07-12 18:19 - 2016-06-30 23:40 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2016-07-12 18:19 - 2016-06-30 23:34 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-07-12 18:19 - 2016-06-30 23:30 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll 2016-07-12 18:19 - 2016-06-30 23:30 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ProximityCommon.dll 2016-07-12 18:19 - 2016-06-30 23:29 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll 2016-07-12 18:19 - 2016-06-30 23:29 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExecModelClient.dll 2016-07-12 18:19 - 2016-06-30 23:28 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll 2016-07-12 18:19 - 2016-06-30 23:27 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll 2016-07-12 18:19 - 2016-06-30 23:26 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll 2016-07-12 18:19 - 2016-06-30 23:25 - 04775424 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2016-07-12 18:19 - 2016-06-30 23:25 - 00645632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Search.dll 2016-07-12 18:19 - 2016-06-30 23:25 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll 2016-07-12 18:19 - 2016-06-30 23:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-07-24 16:58 - 2016-05-07 16:12 - 00000000 ____D C:\Users\Travis\AppData\Roaming\Spotify 2016-07-24 16:11 - 2016-04-20 19:55 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-07-24 15:27 - 2016-04-16 17:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-07-24 14:31 - 2016-04-16 18:23 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CA6E4CE9-6C39-422B-B34F-7DF0C2438887} 2016-07-24 09:24 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\AppReadiness 2016-07-24 09:03 - 2016-05-28 15:42 - 00000638 _____ C:\Windows\Tasks\TrackerAutoUpdate.job 2016-07-24 08:26 - 2016-04-16 17:47 - 00000000 ____D C:\Users\Travis\AppData\Local\Adobe 2016-07-24 08:26 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-07-23 22:01 - 2015-10-30 03:21 - 00000000 ____D C:\Windows\INF 2016-07-23 18:16 - 2016-05-07 16:12 - 00000000 ____D C:\Users\Travis\AppData\Local\Spotify 2016-07-23 18:16 - 2016-04-20 19:55 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-07-23 17:50 - 2016-04-15 23:11 - 00879220 _____ C:\Windows\system32\PerfStringBackup.INI 2016-07-23 17:45 - 2016-04-16 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-07-23 17:45 - 2016-04-15 23:09 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2016-07-23 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\Web 2016-07-23 17:45 - 2015-10-30 02:28 - 00524288 ___SH C:\Windows\system32\config\BBI 2016-07-23 09:07 - 2016-05-01 09:46 - 00000000 ____D C:\Users\postgres 2016-07-22 15:19 - 2016-04-15 23:08 - 00000000 ____D C:\Users\Travis 2016-07-22 15:05 - 2016-05-06 14:30 - 00000368 _____ C:\Windows\Tasks\HPCeeScheduleForTravis.job 2016-07-22 14:25 - 2016-05-06 14:30 - 00003264 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTravis 2016-07-13 17:02 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\rescache 2016-07-13 05:56 - 2016-04-15 23:08 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-07-13 03:31 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\system32\oobe 2016-07-13 03:31 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\system32\appraiser 2016-07-13 03:30 - 2015-10-30 05:07 - 00000000 ____D C:\Program Files\Windows Journal 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ___RD C:\Windows\PrintDialog 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ___RD C:\Windows\DevicesFlow 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\Provisioning 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\bcastdvr 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Defender 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-07-12 20:27 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-07-12 20:27 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\system32\Macromed 2016-07-12 18:24 - 2016-04-16 13:24 - 00000000 ____D C:\Windows\system32\MRT 2016-07-12 18:24 - 2015-10-30 03:11 - 00000000 ____D C:\Windows\CbsTemp 2016-07-12 18:22 - 2016-04-16 13:24 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-07-06 20:39 - 2016-04-16 13:15 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-07-03 09:36 - 2016-05-14 11:29 - 00000000 ____D C:\Users\Travis\AppData\Local\CrashDumps 2016-07-02 00:37 - 2015-10-30 03:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-07-02 00:37 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-07-01 01:05 - 2016-04-15 23:04 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll ==================== Files in the root of some directories ======= 2016-04-16 17:31 - 2016-04-16 17:31 - 0000000 _____ () C:\Users\Travis\AppData\Local\Driver_LOM_8171Present.flag 2016-04-28 12:28 - 2016-06-19 13:14 - 0006167 _____ () C:\ProgramData\hpzinstall.log Some files in TEMP: ==================== C:\Users\Travis\AppData\Local\Temp\6a246669c4722113966d0cbd29442eb9.dll C:\Users\Travis\AppData\Local\Temp\89741622b8dbbb89d89ca0a764f06286.dll C:\Users\Travis\AppData\Local\Temp\raptr_stub.exe C:\Users\Travis\AppData\Local\Temp\{D12D6108-70B6-4F6F-9574-81270B6986B9}.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-07-22 15:15 ==================== End of FRST.txt ============================ Addition.txt: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2016 Ran by Travis (2016-07-24 16:58:34) Running from G:\Downloads Windows 10 Home Version 1511 (X64) (2016-04-16 03:05:33) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2258500036-648294569-3129794070-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2258500036-648294569-3129794070-503 - Limited - Disabled) Guest (S-1-5-21-2258500036-648294569-3129794070-501 - Limited - Disabled) postgres (S-1-5-21-2258500036-648294569-3129794070-1003 - Limited - Enabled) => C:\Users\postgres Travis (S-1-5-21-2258500036-648294569-3129794070-1001 - Administrator - Enabled) => C:\Users\Travis ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Panda Free Antivirus (Enabled - Up to date) {46AEFD02-ACA3-E038-1FA5-4A15EFD361E0} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Panda Free Antivirus (Enabled - Up to date) {FDCF1CE6-8A99-EFB6-2515-716794542B5D} FW: Panda Firewall (Disabled) {7E957C27-E6CC-E160-34FA-E3201100269B} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 6500_E709n (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.5 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation) bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden BPDSoftware (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Call of Duty 4: Modern Warfare (HKLM\...\Steam App 7940) (Version: - Infinity Ward) Call of Duty: Black Ops III (HKLM\...\Steam App 311210) (Version: - Treyarch) CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2907.0 - CyberLink Corp.) CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.) DaVinci Resolve (HKLM\...\{9B4515CC-A703-49D2-85E6-5348CA30534D}) (Version: 12.5.0032 - Blackmagic Design) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DH Mobility Modder.NET (HKLM-x32\...\MobilityDotNET) (Version: 1.2.1.0 - Ruud Ketelaars) DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden Google Update Helper (x32 Version: 1.3.25.3 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Officejet 6500 E709 Series (HKLM\...\{9C57D227-1FE7-4F40-BD49-2BCA7761B083}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.2.8.25 - HP) HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.4.18.7 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Killer Bandwidth Control Filter Driver (Version: 1.1.57.1346 - Rivet Networks) Hidden Killer E240x Drivers (Version: 1.1.57.1346 - Rivet Networks) Hidden Killer Network Manager (Version: 1.1.57.1346 - Rivet Networks) Hidden Killer Performance Suite (HKLM-x32\...\{009DF489-4590-4579-BAB2-0136BB829E4A}) (Version: 1.1.57.1346 - Rivet Networks) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla) Mozilla Firefox 47.0.1 (x86 en-US) (HKU\S-1-5-21-2258500036-648294569-3129794070-1001\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue) Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation) Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.01.03.0000 - Panda Security) Panda Free Antivirus (Version: 8.22.00 - Panda Security) Hidden PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd) Photomatix Pro version 5.1.2 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.1.2 - HDRsoft Ltd) PostgreSQL 9.2 (HKLM\...\PostgreSQL 9.2) (Version: 9.2 - PostgreSQL Global Development Group) proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.108.1 - proDAD GmbH) ProductContext (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Spotify (HKU\S-1-5-21-2258500036-648294569-3129794070-1001\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteamVR Performance Test (HKLM\...\Steam App 323910) (Version: - Valve) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC) Topaz Fusion Express 2 (64-bit) (HKLM-x32\...\Topaz Fusion Express 2 (64-bit)) (Version: 2.1.1 - Topaz Labs) Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC) Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.1.1 - Topaz Labs, LLC) TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2258500036-648294569-3129794070-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Travis\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1C5BB17A-60AF-474E-B185-E80CCEAABAFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-20] (Google Inc.) Task: {2C42B580-2DCF-48FB-B63A-4286454286E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated) Task: {48C17CE2-73A1-4CE0-BE82-D380D9A91D32} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-04-19] (Tracker Software Products (Canada) Ltd.) Task: {49DD0115-8051-44CC-8604-F5D4F7DC716C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {4EA8D56C-1D8F-4FAA-911F-48914D6014AE} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.) Task: {6EC8C13F-7C3C-4954-9291-F612BD5DD7D7} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-83HGFCR-Travis => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated) Task: {7710741B-2D64-470B-BC7B-EA71F9630A13} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {7F25A9A5-09CC-4C98-BBFF-ED01192F11EA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.) Task: {82299647-11E5-4D57-8FD4-B4823F845CFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.) Task: {A69800CF-D887-46ED-85CC-07E50BFA9323} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-07-08] (HP Inc.) Task: {AF54BE99-7E52-4E37-B6B2-00303CE5E7CA} - System32\Tasks\HPCeeScheduleForTravis => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard) Task: {C28212BC-B93E-4E22-8A33-F320A34CF10C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard) Task: {C2ADBA4D-D1CF-4A44-B246-9A12E8456B0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {D2C15255-44EE-46C9-AAF1-047F8B4BEA00} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-20] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForTravis.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Travis\AppData\Local\63a09b\43fe78.lnk -> C:\Users\Travis\AppData\Local\63a09b\16a56f.bat (No File) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll 2016-05-01 09:46 - 2013-04-01 23:41 - 00176128 _____ () C:\Program Files\PostgreSQL\9.2\bin\LIBPQ.dll 2016-05-01 09:46 - 2012-08-14 09:31 - 01328128 _____ () C:\Program Files\PostgreSQL\9.2\bin\libxml2.dll 2016-07-12 18:20 - 2016-07-01 00:48 - 02656408 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-07-12 18:20 - 2016-07-01 00:48 - 02656408 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-05-24 13:20 - 2016-05-24 13:20 - 00959168 _____ () C:\Users\Travis\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-04-18 19:45 - 2016-04-18 19:45 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-04-16 13:23 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-12 18:21 - 2016-06-30 23:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-10-30 05:10 - 2015-10-30 05:10 - 00117920 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL 2016-07-20 16:38 - 2016-07-20 16:39 - 03893952 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe\gfxim.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-12 18:20 - 2016-06-30 23:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-07-12 18:20 - 2016-06-30 23:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-12 18:20 - 2016-06-30 23:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-07-12 18:20 - 2016-06-30 23:22 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-06-03 17:04 - 2016-06-03 17:04 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-06-03 17:04 - 2016-06-03 17:04 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-03 17:04 - 2016-06-03 17:04 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-04-16 14:19 - 2016-04-16 14:19 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-04-18 19:45 - 2016-04-18 19:45 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-18 19:45 - 2016-04-18 19:45 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-05-24 13:20 - 2016-05-24 13:20 - 00679624 _____ () C:\Users\Travis\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-05-07 16:12 - 2016-07-13 05:56 - 52042352 _____ () C:\Users\Travis\AppData\Roaming\Spotify\libcef.dll 2016-05-07 16:12 - 2016-07-13 05:56 - 01741936 _____ () C:\Users\Travis\AppData\Roaming\Spotify\libglesv2.dll 2016-05-07 16:12 - 2016-07-13 05:56 - 00087664 _____ () C:\Users\Travis\AppData\Roaming\Spotify\libegl.dll 2015-12-15 13:17 - 2015-12-15 13:17 - 00618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 03:24 - 2016-04-19 15:37 - 00001023 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2258500036-648294569-3129794070-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.200.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{B187D309-C656-4009-9E36-269C4409F749}] => (Allow) G:\Program Files\firefox.exe FirewallRules: [{48A404A2-646E-4A6D-96E7-8C70EB452E3A}] => (Allow) G:\Program Files\firefox.exe FirewallRules: [{0C53AB6E-417B-4B06-BA69-AA2435AA0E4E}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{72F11FC0-4A22-4199-B2DD-0D8ED6AB42D0}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3C6EB11C-0640-404B-8C00-EC4EFD5CAE60}] => (Allow) G:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{C5E50B81-69BB-483A-BBF4-3786954C7C3F}] => (Allow) G:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8D65CBF0-7437-41B8-A981-9DFCDBFBD862}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3sp.exe FirewallRules: [{BBFF8768-9DF2-4311-82E8-7864002E78FC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3sp.exe FirewallRules: [{2B3E387F-B361-4727-92E9-7F4182C5D1ED}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3mp.exe FirewallRules: [{4117D933-43CD-430F-932B-62AE8AFBDA01}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3mp.exe FirewallRules: [{A0AD7B3B-DBA4-4773-9A31-B7B034405F89}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{0F9A3A88-8673-4B4D-B064-3663BF74B6BA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{435690AC-58BD-4C56-9556-523732AA76D4}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{40436D52-F941-4A1F-B4B2-FB5403611AAE}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{8A7E01ED-E9B3-48BB-81F5-6B5267E74E9A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{E0AA1129-B046-4696-92C8-D68041365553}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{60AD4481-E8F4-47FA-871F-72C04413B709}] => (Allow) G:\Nexon\Library\Combat Arms\appdata\NMService.exe FirewallRules: [{AB9DFBAA-9A3D-41DC-936F-5D72C08E8D8F}] => (Allow) G:\Nexon\Library\Combat Arms\appdata\NMService.exe FirewallRules: [{720D4F77-68B5-4C2E-997B-26F644CA4288}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{F44DEBC4-D084-4B27-932E-D80EA93A1C90}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{E8965D02-7088-4A01-ADED-735787618B51}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{BA47483C-32C7-4795-8252-0AD462459A5E}] => (Allow) C:\Users\Travis\AppData\Local\Temp\7zS4073\setup\hpznui40.exe FirewallRules: [{BC0B063C-32CE-4C74-837D-19E7BE7872C1}] => (Allow) C:\Program Files\CyberLink\PowerDirector13\PDR10.EXE FirewallRules: [{452D4B82-BF3B-4D35-A719-43364243A920}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe FirewallRules: [{C50B9F52-2256-4498-AC87-BB1BB92D150C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe FirewallRules: [{23F80D06-BA3C-419B-86DE-26C8BEEF346A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe FirewallRules: [{F0948A21-040C-4D68-B395-4D6D5B3BFE41}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe FirewallRules: [{5C189C56-0F1B-40CF-9E59-003837ECFACE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe FirewallRules: [{8A2F4938-7F5D-407E-B957-27A42ADBC66F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe FirewallRules: [{1FE49F86-6D3D-4053-9F68-941B41569A85}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe FirewallRules: [{266A1872-EA86-411A-B787-DA980A6AF48C}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe FirewallRules: [TCP Query User{AAB44695-AA57-4A68-B422-37704310E76B}C:\users\travis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\travis\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{6590D964-F8B2-4E71-9726-44B5F11A681C}C:\users\travis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\travis\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{32CBB634-D8C2-405F-AF34-47364C5180CD}C:\users\travis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\travis\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{BDF26267-4725-420B-8C2E-20FE885E31C4}C:\users\travis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\travis\appdata\roaming\spotify\spotify.exe FirewallRules: [{7C43A1F3-B3A0-4D6F-B9F5-5B3B9D2DDCB8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{2E5D055D-BCA5-430F-A67E-5EA208EBDDFC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{3FDFAE03-B344-44CF-B9E5-5D5C78494032}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{2D9B1D1B-D788-4123-8C3B-61C811027027}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{AA2BDD16-3A9F-40FD-ADFB-E94120A9DCF2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{FA9B7441-02DE-4406-B9AF-03A0026F42EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{DFB8E454-94F7-48F4-A000-E24798795998}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{30ED7789-A929-4718-9B37-54DC250B3607}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{1AE92714-07F9-4DF3-81EF-D53F59BE8D41}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{9D7B1644-2550-4467-81CA-666461A7ED14}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{B1144E9C-9C51-441D-9A1B-78EA86112BF9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{874C6CD9-05C6-42DB-8E79-FD4C93F62A7A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{D0E31551-B744-47A5-831E-A31C93EB9480}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{1D2C922F-50F3-4095-9C0B-C19FBA16B27F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{0DFA1B3D-9844-4653-981E-262D888C4C59}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{831F7CF0-D7BC-4DAE-B02D-17B87EC45753}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{478D075F-23A3-49CC-A092-90A132DB115F}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{36A0FD18-850D-4B06-9743-DD716BA343ED}] => (Allow) C:\Users\Travis\AppData\Local\Temp\7zS38EA\HPDiagnosticCoreUI.exe FirewallRules: [{328CF102-FA96-4CCA-AB5D-8DBBDEB84250}] => (Allow) C:\Users\Travis\AppData\Local\Temp\7zS38EA\HPDiagnosticCoreUI.exe FirewallRules: [{3CA70F3F-B92A-4BF6-87B5-0A88F89CE95F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe FirewallRules: [{2880B288-38F1-42C5-9055-EF91BD364135}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe ==================== Restore Points ========================= 07-07-2016 20:19:22 Scheduled Checkpoint 12-07-2016 18:22:35 Windows Update 22-07-2016 15:22:06 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: Officejet 6500 E709n Description: Officejet 6500 E709n Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 6500 E709n Description: Officejet 6500 E709n Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: HP Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/23/2016 09:09:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/23/2016 09:06:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/23/2016 09:00:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/23/2016 08:55:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/23/2016 08:55:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/23/2016 08:51:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/22/2016 03:22:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (07/12/2016 06:22:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (07/07/2016 08:19:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (07/03/2016 09:36:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Windows.Media.BackgroundPlayback.exe, version: 10.0.10586.0, time stamp: 0x5632d879 Faulting module name: KERNELBASE.dll, version: 10.0.10586.306, time stamp: 0x571af331 Exception code: 0xc000010a Fault offset: 0x0000000000071f28 Faulting process id: 0xfc8 Faulting application start time: 0xWindows.Media.BackgroundPlayback.exe0 Faulting application path: Windows.Media.BackgroundPlayback.exe1 Faulting module path: Windows.Media.BackgroundPlayback.exe2 Report Id: Windows.Media.BackgroundPlayback.exe3 Faulting package full name: Windows.Media.BackgroundPlayback.exe4 Faulting package-relative application ID: Windows.Media.BackgroundPlayback.exe5 System errors: ============= Error: (07/24/2016 04:26:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (07/24/2016 01:09:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (07/23/2016 10:01:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The PSINAflt service failed to start due to the following error: %%259 = No more data is available. Error: (07/23/2016 10:01:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The PSINProt service failed to start due to the following error: %%31 = A device attached to the system is not functioning. Error: (07/23/2016 10:01:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The PSINReg service failed to start due to the following error: %%31 = A device attached to the system is not functioning. Error: (07/23/2016 10:01:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The PSINProc service failed to start due to the following error: %%31 = A device attached to the system is not functioning. Error: (07/23/2016 10:01:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The PSINFile service failed to start due to the following error: %%31 = A device attached to the system is not functioning. Error: (07/23/2016 10:01:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The PSINKNC service failed to start due to the following error: %%87 = The parameter is incorrect. Error: (07/23/2016 05:45:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_69f40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/23/2016 05:45:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_69f40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2016-07-14 06:16:48.481 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-13 03:31:57.718 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-19 13:10:36.074 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-19 13:08:12.713 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-18 14:07:53.850 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-16 03:36:23.991 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-14 11:34:30.959 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-12 03:31:18.458 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-29 14:48:01.206 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-23 22:34:54.885 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-111387.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz Percentage of memory in use: 28% Total physical RAM: 16336.23 MB Available physical RAM: 11752.02 MB Total Virtual: 18768.23 MB Available Virtual: 12623.19 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.27 GB) (Free:396.25 GB) NTFS Drive g: (Data Drive) (Fixed) (Total:931.39 GB) (Free:231.17 GB) NTFS Drive j: (EOS_DIGITAL) (Removable) (Total:59.59 GB) (Free:41.54 GB) exFAT Drive k: (MICRO C 4GB) (Removable) (Total:3.73 GB) (Free:3.3 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D39B9D66) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS) ======================================================== Disk: 6 (Size: 59.6 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 7 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=3.7 GB) - (Type=0B) ==================== End of Addition.txt ============================
  2. I embarrassingly clicked on a firefox update notice before looking at the webpage... Now am getting block notices of js.users.51.la and would appreciate help on getting rid of it. I have the following FRST logs FRST.txt: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2016 02 Ran by Travis (administrator) on DESKTOP-83HGFCR (23-07-2016 21:40:33) Running from G:\Downloads Loaded Profiles: Travis & postgres (Available Profiles: Travis & postgres) Platform: Windows 10 Home Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: "G:\Program Files\firefox.exe" -osint -url "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Spotify Ltd) C:\Users\Travis\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Travis\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Travis\AppData\Roaming\Spotify\SpotifyCrashService.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Spotify Ltd) C:\Users\Travis\AppData\Roaming\Spotify\Spotify.exe (Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Spotify Ltd) C:\Users\Travis\AppData\Roaming\Spotify\Spotify.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Mozilla Corporation) G:\Program Files\firefox.exe (Mozilla Corporation) G:\Program Files\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe\HxMail.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => G:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-2258500036-648294569-3129794070-1001\...\Run: [Steam] => G:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation) HKU\S-1-5-21-2258500036-648294569-3129794070-1001\...\Run: [Spotify Web Helper] => C:\Users\Travis\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-13] (Spotify Ltd) HKU\S-1-5-21-2258500036-648294569-3129794070-1001\...\Run: [Spotify] => C:\Users\Travis\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-13] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-06-19] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-04-16] ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks) Startup: C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3eaf50.lnk [2016-07-23] ShortcutTarget: 3eaf50.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.200.1 Tcpip\..\Interfaces\{0a305841-e7c0-465a-a908-921391cf2700}: [DhcpNameServer] 192.168.200.1 Tcpip\..\Interfaces\{111aeaa5-d341-4db4-ac08-41fe8d24d00b}: [DhcpNameServer] 192.168.200.1 Tcpip\..\Interfaces\{d2123ff3-29a2-4f2b-97e9-3ad6960dfe3d}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== FireFox: ======== FF ProfilePath: C:\Users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\aibaasbs.default FF DefaultSearchEngine.US: Google FF Session Restore: -> is enabled. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems) FF Plugin HKU\S-1-5-21-2258500036-648294569-3129794070-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.) StartMenuInternet: FIREFOX.EXE - G:\Program Files\firefox.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-03-21] (Advanced Micro Devices) [File not signed] R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [113160 2015-11-26] (Creative Technology Ltd) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company) R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-02-12] (Rivet Networks) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 postgresql-x64-9.2; C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe [89600 2013-04-01] (PostgreSQL Global Development Group) [File not signed] R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-10-03] (CyberLink) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [111120 2016-02-11] (Advanced Micro Devices) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [144456 2016-02-12] (Rivet Networks, LLC.) R3 cthda; C:\Windows\system32\drivers\cthda.sys [1067304 2015-11-26] (Creative Technology Ltd) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [530416 2016-04-16] (Intel Corporation) R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [162456 2016-02-12] (Qualcomm Atheros, Inc.) S3 LECs6022; C:\Windows\System32\drivers\LECs6022.sys [17408 2010-11-05] (Primax Electronics Ltd.) S3 LEMo6022; C:\Windows\System32\drivers\LEMo6022.sys [24064 2012-06-06] (Primax Electronics Ltd.) S3 LEub6022; C:\Windows\System32\drivers\LEub6022.sys [18432 2011-01-05] (Primax Electronics Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-23] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [204032 2016-01-19] (Intel Corporation) R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2504192 2015-10-30] (MediaTek Inc.) S3 pelmouse; C:\Windows\system32\DRIVERS\pelmouse.sys [23040 2015-12-17] (TPMX Electronics Ltd.) S3 pelusblf; C:\Windows\system32\DRIVERS\pelusblf.sys [35328 2016-01-14] (TPMX Electronics Ltd.) S3 pelvendr; C:\Windows\system32\DRIVERS\pelvendr.sys [11776 2009-11-02] (TPMX Electronics Ltd.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-04-26] (Wellbia.com Co., Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-07-23 21:40 - 2016-07-23 21:40 - 00000000 ____D C:\FRST 2016-07-23 16:33 - 2016-07-23 21:01 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-07-23 16:33 - 2016-07-23 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-07-23 16:33 - 2016-07-23 16:33 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-07-23 16:33 - 2016-07-23 16:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-07-23 16:33 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-07-23 16:33 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-07-23 16:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-07-23 16:31 - 2016-07-23 17:45 - 00000000 ____D C:\Users\Travis\AppData\Local\63a09b 2016-07-23 16:31 - 2016-07-23 16:31 - 00000000 ____D C:\Users\Travis\AppData\Roaming\4725e7 2016-07-12 18:21 - 2016-07-01 01:30 - 00284352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe 2016-07-12 18:21 - 2016-07-01 00:49 - 07469408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-07-12 18:21 - 2016-07-01 00:49 - 00337336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 01554152 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 01552104 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 01299504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 01092464 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 00847656 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 00498960 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll 2016-07-12 18:21 - 2016-07-01 00:35 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2016-07-12 18:21 - 2016-07-01 00:34 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-07-12 18:21 - 2016-07-01 00:34 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-07-12 18:21 - 2016-07-01 00:34 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2016-07-12 18:21 - 2016-07-01 00:33 - 04515256 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-07-12 18:21 - 2016-07-01 00:33 - 01750440 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe 2016-07-12 18:21 - 2016-07-01 00:33 - 00730352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll 2016-07-12 18:21 - 2016-07-01 00:33 - 00725776 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2016-07-12 18:21 - 2016-07-01 00:33 - 00374008 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2016-07-12 18:21 - 2016-07-01 00:33 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe 2016-07-12 18:21 - 2016-07-01 00:32 - 01603224 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll 2016-07-12 18:21 - 2016-07-01 00:32 - 01540224 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2016-07-12 18:21 - 2016-07-01 00:32 - 00692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2016-07-12 18:21 - 2016-07-01 00:31 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-07-12 18:21 - 2016-07-01 00:31 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-07-12 18:21 - 2016-07-01 00:31 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-07-12 18:21 - 2016-07-01 00:25 - 02773096 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2016-07-12 18:21 - 2016-07-01 00:25 - 02145032 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll 2016-07-12 18:21 - 2016-07-01 00:25 - 01987936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-07-12 18:21 - 2016-07-01 00:25 - 00648256 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2016-07-12 18:21 - 2016-07-01 00:25 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys 2016-07-12 18:21 - 2016-07-01 00:25 - 00393568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2016-07-12 18:21 - 2016-07-01 00:24 - 00911648 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll 2016-07-12 18:21 - 2016-07-01 00:23 - 01349640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2016-07-12 18:21 - 2016-07-01 00:21 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-07-12 18:21 - 2016-07-01 00:21 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2016-07-12 18:21 - 2016-07-01 00:20 - 00503600 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll 2016-07-12 18:21 - 2016-07-01 00:20 - 00388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll 2016-07-12 18:21 - 2016-07-01 00:20 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe 2016-07-12 18:21 - 2016-07-01 00:19 - 05240960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2016-07-12 18:21 - 2016-07-01 00:19 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-07-12 18:21 - 2016-07-01 00:11 - 01522160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-07-12 18:21 - 2016-07-01 00:00 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2016-07-12 18:21 - 2016-06-30 23:58 - 00824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll 2016-07-12 18:21 - 2016-06-30 23:57 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll 2016-07-12 18:21 - 2016-06-30 23:57 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\cdpreference.exe 2016-07-12 18:21 - 2016-06-30 23:56 - 22379520 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2016-07-12 18:21 - 2016-06-30 23:56 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll 2016-07-12 18:21 - 2016-06-30 23:53 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll 2016-07-12 18:21 - 2016-06-30 23:53 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll 2016-07-12 18:21 - 2016-06-30 23:53 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll 2016-07-12 18:21 - 2016-06-30 23:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2016-07-12 18:21 - 2016-06-30 23:52 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2016-07-12 18:21 - 2016-06-30 23:50 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2016-07-12 18:21 - 2016-06-30 23:50 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2016-07-12 18:21 - 2016-06-30 23:50 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\FingerprintEnrollment.dll 2016-07-12 18:21 - 2016-06-30 23:50 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll 2016-07-12 18:21 - 2016-06-30 23:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-07-12 18:21 - 2016-06-30 23:49 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Maps.dll 2016-07-12 18:21 - 2016-06-30 23:49 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2016-07-12 18:21 - 2016-06-30 23:49 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll 2016-07-12 18:21 - 2016-06-30 23:48 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2016-07-12 18:21 - 2016-06-30 23:48 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2016-07-12 18:21 - 2016-06-30 23:48 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2016-07-12 18:21 - 2016-06-30 23:48 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\WmpDui.dll 2016-07-12 18:21 - 2016-06-30 23:48 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 24610304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll 2016-07-12 18:21 - 2016-06-30 23:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00510464 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00475648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll 2016-07-12 18:21 - 2016-06-30 23:46 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00387072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2016-07-12 18:21 - 2016-06-30 23:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00484352 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00448000 _____ (Microsoft Corporation) C:\Windows\system32\winipcfile.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll 2016-07-12 18:21 - 2016-06-30 23:44 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00892416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll 2016-07-12 18:21 - 2016-06-30 23:43 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 14252544 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 02088960 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 02012672 _____ (Microsoft Corporation) C:\Windows\system32\winmsipc.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 01434112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 01240064 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll 2016-07-12 18:21 - 2016-06-30 23:42 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 02127360 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-07-12 18:21 - 2016-06-30 23:41 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2016-07-12 18:21 - 2016-06-30 23:41 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationFrame.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2016-07-12 18:21 - 2016-06-30 23:41 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll 2016-07-12 18:21 - 2016-06-30 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 02731008 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 01902592 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll 2016-07-12 18:21 - 2016-06-30 23:40 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2016-07-12 18:21 - 2016-06-30 23:39 - 13018112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2016-07-12 18:21 - 2016-06-30 23:39 - 01752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-07-12 18:21 - 2016-06-30 23:39 - 01717248 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2016-07-12 18:21 - 2016-06-30 23:39 - 01211904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll 2016-07-12 18:21 - 2016-06-30 23:39 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2016-07-12 18:21 - 2016-06-30 23:38 - 04456448 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2016-07-12 18:21 - 2016-06-30 23:38 - 01671168 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-07-12 18:21 - 2016-06-30 23:38 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll 2016-07-12 18:21 - 2016-06-30 23:38 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll 2016-07-12 18:21 - 2016-06-30 23:38 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IconCodecService.dll 2016-07-12 18:21 - 2016-06-30 23:37 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll 2016-07-12 18:21 - 2016-06-30 23:37 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll 2016-07-12 18:21 - 2016-06-30 23:37 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll 2016-07-12 18:21 - 2016-06-30 23:36 - 03415040 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll 2016-07-12 18:21 - 2016-06-30 23:36 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\winipcsecproc.dll 2016-07-12 18:21 - 2016-06-30 23:36 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll 2016-07-12 18:21 - 2016-06-30 23:36 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll 2016-07-12 18:21 - 2016-06-30 23:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2016-07-12 18:21 - 2016-06-30 23:34 - 09919488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2016-07-12 18:21 - 2016-06-30 23:34 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2016-07-12 18:21 - 2016-06-30 23:34 - 03428864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2016-07-12 18:21 - 2016-06-30 23:34 - 00636928 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2016-07-12 18:21 - 2016-06-30 23:34 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll 2016-07-12 18:21 - 2016-06-30 23:33 - 06675968 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe 2016-07-12 18:21 - 2016-06-30 23:33 - 02285568 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll 2016-07-12 18:21 - 2016-06-30 23:33 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2016-07-12 18:21 - 2016-06-30 23:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll 2016-07-12 18:21 - 2016-06-30 23:32 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2016-07-12 18:21 - 2016-06-30 23:32 - 02563584 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2016-07-12 18:21 - 2016-06-30 23:32 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-07-12 18:21 - 2016-06-30 23:31 - 19347968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-07-12 18:21 - 2016-06-30 23:31 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2016-07-12 18:21 - 2016-06-30 23:31 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\StikyNot.exe 2016-07-12 18:21 - 2016-06-30 23:30 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 00546816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe 2016-07-12 18:21 - 2016-06-30 23:30 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll 2016-07-12 18:21 - 2016-06-30 23:30 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 05503488 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 03589632 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2016-07-12 18:21 - 2016-06-30 23:29 - 03355136 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe 2016-07-12 18:21 - 2016-06-30 23:29 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll 2016-07-12 18:21 - 2016-06-30 23:29 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll 2016-07-12 18:21 - 2016-06-30 23:28 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2016-07-12 18:21 - 2016-06-30 23:28 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll 2016-07-12 18:21 - 2016-06-30 23:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 01946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 01729024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00559616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2016-07-12 18:21 - 2016-06-30 23:27 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll 2016-07-12 18:21 - 2016-06-30 23:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 04895232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 03026944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 01755648 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll 2016-07-12 18:21 - 2016-06-30 23:26 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 02050048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-07-12 18:21 - 2016-06-30 23:25 - 01121792 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 01117184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2016-07-12 18:21 - 2016-06-30 23:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 12586496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 01588224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 01467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 00673280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll 2016-07-12 18:21 - 2016-06-30 23:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2016-07-12 18:21 - 2016-06-30 23:23 - 03695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2016-07-12 18:21 - 2016-06-30 23:23 - 01526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-07-12 18:21 - 2016-06-30 23:23 - 00760320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2016-07-12 18:21 - 2016-06-30 23:23 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll 2016-07-12 18:21 - 2016-06-30 23:22 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll 2016-07-12 18:21 - 2016-06-30 23:22 - 00965120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll 2016-07-12 18:21 - 2016-06-30 23:22 - 00639488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll 2016-07-12 18:21 - 2016-06-30 23:21 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\RADCUI.dll 2016-07-12 18:21 - 2016-06-30 23:20 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-07-12 18:21 - 2016-06-30 23:19 - 01987072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2016-07-12 18:21 - 2016-06-30 23:19 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2016-07-12 18:21 - 2016-06-30 23:18 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll 2016-07-12 18:21 - 2016-06-30 23:18 - 03663360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-07-12 18:21 - 2016-06-30 23:16 - 02771968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2016-07-12 18:21 - 2016-06-30 23:16 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2016-07-12 18:21 - 2016-06-30 23:15 - 04413440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-07-12 18:21 - 2016-06-30 23:15 - 02217984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2016-07-12 18:21 - 2016-06-30 23:15 - 02102272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll 2016-07-12 18:21 - 2016-06-30 23:15 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll 2016-07-12 18:21 - 2016-06-30 23:14 - 05660672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2016-07-12 18:21 - 2016-06-30 23:13 - 06740992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2016-07-12 18:21 - 2016-06-30 23:13 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2016-07-12 18:21 - 2016-06-30 23:12 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-07-12 18:21 - 2016-06-30 23:09 - 02632192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2016-07-12 18:21 - 2016-06-30 23:08 - 01976832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2016-07-12 18:21 - 2016-06-30 23:08 - 00517632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 01505984 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 01223872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 00587456 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 00559808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 00310464 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-07-12 18:20 - 2016-07-01 01:30 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-07-12 18:20 - 2016-07-01 00:50 - 00037232 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll 2016-07-12 18:20 - 2016-07-01 00:49 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-07-12 18:20 - 2016-07-01 00:49 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-07-12 18:20 - 2016-07-01 00:49 - 01141504 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-07-12 18:20 - 2016-07-01 00:49 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-07-12 18:20 - 2016-07-01 00:49 - 00874968 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-07-12 18:20 - 2016-07-01 00:49 - 00277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2016-07-12 18:20 - 2016-07-01 00:48 - 02656408 _____ C:\Windows\system32\CoreUIComponents.dll 2016-07-12 18:20 - 2016-07-01 00:48 - 01238584 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe 2016-07-12 18:20 - 2016-07-01 00:45 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-07-12 18:20 - 2016-07-01 00:43 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll 2016-07-12 18:20 - 2016-07-01 00:43 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-07-12 18:20 - 2016-07-01 00:39 - 01557776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-07-12 18:20 - 2016-07-01 00:38 - 01862008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll 2016-07-12 18:20 - 2016-07-01 00:38 - 01083656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe 2016-07-12 18:20 - 2016-07-01 00:38 - 00256192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll 2016-07-12 18:20 - 2016-07-01 00:38 - 00032552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll 2016-07-12 18:20 - 2016-07-01 00:35 - 00586208 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-07-12 18:20 - 2016-07-01 00:35 - 00035656 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-07-12 18:20 - 2016-07-01 00:33 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-07-12 18:20 - 2016-07-01 00:33 - 00566104 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2016-07-12 18:20 - 2016-07-01 00:32 - 06605544 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll 2016-07-12 18:20 - 2016-07-01 00:32 - 06536256 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2016-07-12 18:20 - 2016-07-01 00:32 - 01128104 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe 2016-07-12 18:20 - 2016-07-01 00:32 - 01040800 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll 2016-07-12 18:20 - 2016-07-01 00:32 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll 2016-07-12 18:20 - 2016-07-01 00:32 - 00106928 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe 2016-07-12 18:20 - 2016-07-01 00:32 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll 2016-07-12 18:20 - 2016-07-01 00:24 - 01776768 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 01118208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 00925576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 00709176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 00511320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 00451936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll 2016-07-12 18:20 - 2016-07-01 00:23 - 00032040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2016-07-12 18:20 - 2016-07-01 00:21 - 28851224 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll 2016-07-12 18:20 - 2016-07-01 00:21 - 02403168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-07-12 18:20 - 2016-07-01 00:21 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-07-12 18:20 - 2016-07-01 00:21 - 00376536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll 2016-07-12 18:20 - 2016-07-01 00:20 - 21123320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-07-12 18:20 - 2016-07-01 00:20 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2016-07-12 18:20 - 2016-07-01 00:19 - 01355336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll 2016-07-12 18:20 - 2016-07-01 00:19 - 00836760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll 2016-07-12 18:20 - 2016-07-01 00:19 - 00569752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2016-07-12 18:20 - 2016-07-01 00:18 - 00064584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll 2016-07-12 18:20 - 2016-07-01 00:17 - 01536600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-07-12 18:20 - 2016-07-01 00:12 - 02186864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2016-07-12 18:20 - 2016-07-01 00:12 - 01866104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll 2016-07-12 18:20 - 2016-07-01 00:11 - 00521152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2016-07-12 18:20 - 2016-07-01 00:10 - 00675064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll 2016-07-12 18:20 - 2016-07-01 00:07 - 28083144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll 2016-07-12 18:20 - 2016-07-01 00:03 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll 2016-07-12 18:20 - 2016-07-01 00:03 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-07-12 18:20 - 2016-06-30 23:59 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll 2016-07-12 18:20 - 2016-06-30 23:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll 2016-07-12 18:20 - 2016-06-30 23:56 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe 2016-07-12 18:20 - 2016-06-30 23:55 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2016-07-12 18:20 - 2016-06-30 23:55 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll 2016-07-12 18:20 - 2016-06-30 23:55 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\IconCodecService.dll 2016-07-12 18:20 - 2016-06-30 23:54 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll 2016-07-12 18:20 - 2016-06-30 23:54 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll 2016-07-12 18:20 - 2016-06-30 23:54 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll 2016-07-12 18:20 - 2016-06-30 23:53 - 01567744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 16985088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\tzautoupdate.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe 2016-07-12 18:20 - 2016-06-30 23:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll 2016-07-12 18:20 - 2016-06-30 23:52 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2016-07-12 18:20 - 2016-06-30 23:51 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll 2016-07-12 18:20 - 2016-06-30 23:51 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll 2016-07-12 18:20 - 2016-06-30 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll 2016-07-12 18:20 - 2016-06-30 23:50 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll 2016-07-12 18:20 - 2016-06-30 23:50 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll 2016-07-12 18:20 - 2016-06-30 23:50 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll 2016-07-12 18:20 - 2016-06-30 23:50 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\SimCfg.dll 2016-07-12 18:20 - 2016-06-30 23:50 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2016-07-12 18:20 - 2016-06-30 23:48 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2016-07-12 18:20 - 2016-06-30 23:48 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2016-07-12 18:20 - 2016-06-30 23:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll 2016-07-12 18:20 - 2016-06-30 23:48 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe 2016-07-12 18:20 - 2016-06-30 23:48 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2016-07-12 18:20 - 2016-06-30 23:48 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\SimAuth.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe 2016-07-12 18:20 - 2016-06-30 23:47 - 00394752 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll 2016-07-12 18:20 - 2016-06-30 23:47 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe 2016-07-12 18:20 - 2016-06-30 23:46 - 00565760 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\fhsettingsprovider.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack_win.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll 2016-07-12 18:20 - 2016-06-30 23:46 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2016-07-12 18:20 - 2016-06-30 23:45 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2016-07-12 18:20 - 2016-06-30 23:45 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2016-07-12 18:20 - 2016-06-30 23:44 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll 2016-07-12 18:20 - 2016-06-30 23:44 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2016-07-12 18:20 - 2016-06-30 23:44 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll 2016-07-12 18:20 - 2016-06-30 23:44 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-07-12 18:20 - 2016-06-30 23:44 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00992256 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00529408 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll 2016-07-12 18:20 - 2016-06-30 23:43 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2016-07-12 18:20 - 2016-06-30 23:43 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00651776 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll 2016-07-12 18:20 - 2016-06-30 23:42 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe 2016-07-12 18:20 - 2016-06-30 23:41 - 01037824 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 01001472 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Search.dll 2016-07-12 18:20 - 2016-06-30 23:41 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe 2016-07-12 18:20 - 2016-06-30 23:40 - 02103296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll 2016-07-12 18:20 - 2016-06-30 23:40 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll 2016-07-12 18:20 - 2016-06-30 23:40 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2016-07-12 18:20 - 2016-06-30 23:40 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll 2016-07-12 18:20 - 2016-06-30 23:40 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll 2016-07-12 18:20 - 2016-06-30 23:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll 2016-07-12 18:20 - 2016-06-30 23:39 - 01872896 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2016-07-12 18:20 - 2016-06-30 23:39 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll 2016-07-12 18:20 - 2016-06-30 23:39 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll 2016-07-12 18:20 - 2016-06-30 23:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe 2016-07-12 18:20 - 2016-06-30 23:38 - 06312448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll 2016-07-12 18:20 - 2016-06-30 23:38 - 01443840 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll 2016-07-12 18:20 - 2016-06-30 23:38 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll 2016-07-12 18:20 - 2016-06-30 23:38 - 00961536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2016-07-12 18:20 - 2016-06-30 23:38 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll 2016-07-12 18:20 - 2016-06-30 23:37 - 01051648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll 2016-07-12 18:20 - 2016-06-30 23:37 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll 2016-07-12 18:20 - 2016-06-30 23:37 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll 2016-07-12 18:20 - 2016-06-30 23:37 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll 2016-07-12 18:20 - 2016-06-30 23:36 - 02445312 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-07-12 18:20 - 2016-06-30 23:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll 2016-07-12 18:20 - 2016-06-30 23:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll 2016-07-12 18:20 - 2016-06-30 23:34 - 04170240 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2016-07-12 18:20 - 2016-06-30 23:34 - 00838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2016-07-12 18:20 - 2016-06-30 23:34 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll 2016-07-12 18:20 - 2016-06-30 23:33 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll 2016-07-12 18:20 - 2016-06-30 23:33 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2016-07-12 18:20 - 2016-06-30 23:32 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll 2016-07-12 18:20 - 2016-06-30 23:32 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2016-07-12 18:20 - 2016-06-30 23:32 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimCfg.dll 2016-07-12 18:20 - 2016-06-30 23:32 - 00096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll 2016-07-12 18:20 - 2016-06-30 23:32 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00994816 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2016-07-12 18:20 - 2016-06-30 23:31 - 00900608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00882688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WmpDui.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll 2016-07-12 18:20 - 2016-06-30 23:31 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe 2016-07-12 18:20 - 2016-06-30 23:31 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimAuth.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 02902528 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 00248320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2016-07-12 18:20 - 2016-06-30 23:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll 2016-07-12 18:20 - 2016-06-30 23:29 - 05123072 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2016-07-12 18:20 - 2016-06-30 23:29 - 04646912 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe 2016-07-12 18:20 - 2016-06-30 23:29 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2016-07-12 18:20 - 2016-06-30 23:29 - 00569856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-07-12 18:20 - 2016-06-30 23:29 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll 2016-07-12 18:20 - 2016-06-30 23:29 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 03577344 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 03046400 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 02912256 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00347648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll 2016-07-12 18:20 - 2016-06-30 23:28 - 00238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 07533568 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 04827136 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 02444800 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 00519168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcfile.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 00284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 01063936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00585216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll 2016-07-12 18:20 - 2016-06-30 23:26 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmsipc.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 01228800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00984576 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2016-07-12 18:20 - 2016-06-30 23:25 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00477184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll 2016-07-12 18:20 - 2016-06-30 23:25 - 00240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe 2016-07-12 18:20 - 2016-06-30 23:24 - 04404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll 2016-07-12 18:20 - 2016-06-30 23:24 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-07-12 18:20 - 2016-06-30 23:24 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe 2016-07-12 18:20 - 2016-06-30 23:24 - 01487872 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll 2016-07-12 18:20 - 2016-06-30 23:24 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll 2016-07-12 18:20 - 2016-06-30 23:24 - 00434688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 03301376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 02578432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 01036288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-07-12 18:20 - 2016-06-30 23:23 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe 2016-07-12 18:20 - 2016-06-30 23:23 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll 2016-07-12 18:20 - 2016-06-30 23:22 - 03053568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2016-07-12 18:20 - 2016-06-30 23:21 - 04078080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll 2016-07-12 18:20 - 2016-06-30 23:21 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2016-07-12 18:20 - 2016-06-30 23:21 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcsecproc.dll 2016-07-12 18:20 - 2016-06-30 23:21 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2016-07-12 18:20 - 2016-06-30 23:20 - 03555840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe 2016-07-12 18:20 - 2016-06-30 23:20 - 02798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2016-07-12 18:20 - 2016-06-30 23:20 - 00777728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll 2016-07-12 18:20 - 2016-06-30 23:19 - 06471168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe 2016-07-12 18:20 - 2016-06-30 23:19 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll 2016-07-12 18:20 - 2016-06-30 23:19 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll 2016-07-12 18:20 - 2016-06-30 23:19 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2016-07-12 18:20 - 2016-06-30 23:18 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll 2016-07-12 18:20 - 2016-06-30 23:18 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2016-07-12 18:20 - 2016-06-30 23:17 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2016-07-12 18:20 - 2016-06-30 23:17 - 02155008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-07-12 18:20 - 2016-06-30 23:16 - 02062336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 03459584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 02679808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 02501632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 01626112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2016-07-12 18:20 - 2016-06-30 23:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll 2016-07-12 18:20 - 2016-06-30 23:14 - 04759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2016-07-12 18:20 - 2016-06-30 23:14 - 02680320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2016-07-12 18:20 - 2016-06-30 23:14 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-07-12 18:20 - 2016-06-30 23:14 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2016-07-12 18:20 - 2016-06-30 23:13 - 02849792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll 2016-07-12 18:20 - 2016-06-30 23:13 - 02519552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2016-07-12 18:20 - 2016-06-30 23:13 - 02000896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2016-07-12 18:20 - 2016-06-30 23:13 - 00835072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2016-07-12 18:20 - 2016-06-30 23:12 - 02179584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll 2016-07-12 18:20 - 2016-06-30 23:11 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2016-07-12 18:20 - 2016-06-30 23:08 - 00879616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2016-07-12 18:20 - 2016-06-28 07:20 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-07-12 18:20 - 2016-02-09 00:25 - 00304752 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe 2016-07-12 18:19 - 2016-06-30 23:55 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\LegacyNetUX.dll 2016-07-12 18:19 - 2016-06-30 23:50 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll 2016-07-12 18:19 - 2016-06-30 23:50 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll 2016-07-12 18:19 - 2016-06-30 23:49 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\LegacyNetUXHost.exe 2016-07-12 18:19 - 2016-06-30 23:47 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll 2016-07-12 18:19 - 2016-06-30 23:45 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll 2016-07-12 18:19 - 2016-06-30 23:44 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll 2016-07-12 18:19 - 2016-06-30 23:43 - 00947200 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll 2016-07-12 18:19 - 2016-06-30 23:43 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll 2016-07-12 18:19 - 2016-06-30 23:42 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll 2016-07-12 18:19 - 2016-06-30 23:42 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll 2016-07-12 18:19 - 2016-06-30 23:40 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2016-07-12 18:19 - 2016-06-30 23:34 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-07-12 18:19 - 2016-06-30 23:30 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll 2016-07-12 18:19 - 2016-06-30 23:30 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ProximityCommon.dll 2016-07-12 18:19 - 2016-06-30 23:29 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll 2016-07-12 18:19 - 2016-06-30 23:29 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExecModelClient.dll 2016-07-12 18:19 - 2016-06-30 23:28 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll 2016-07-12 18:19 - 2016-06-30 23:27 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll 2016-07-12 18:19 - 2016-06-30 23:26 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll 2016-07-12 18:19 - 2016-06-30 23:25 - 04775424 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2016-07-12 18:19 - 2016-06-30 23:25 - 00645632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Search.dll 2016-07-12 18:19 - 2016-06-30 23:25 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll 2016-07-12 18:19 - 2016-06-30 23:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-07-23 21:27 - 2016-04-16 17:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-07-23 21:11 - 2016-04-20 19:55 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-07-23 18:21 - 2016-05-07 16:12 - 00000000 ____D C:\Users\Travis\AppData\Roaming\Spotify 2016-07-23 18:16 - 2016-05-07 16:12 - 00000000 ____D C:\Users\Travis\AppData\Local\Spotify 2016-07-23 18:16 - 2016-04-20 19:55 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-07-23 17:50 - 2016-04-15 23:11 - 00879220 _____ C:\Windows\system32\PerfStringBackup.INI 2016-07-23 17:50 - 2015-10-30 03:21 - 00000000 ____D C:\Windows\INF 2016-07-23 17:45 - 2016-04-16 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-07-23 17:45 - 2016-04-15 23:09 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2016-07-23 17:45 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\Web 2016-07-23 17:45 - 2015-10-30 02:28 - 00524288 ___SH C:\Windows\system32\config\BBI 2016-07-23 15:22 - 2016-04-16 18:23 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CA6E4CE9-6C39-422B-B34F-7DF0C2438887} 2016-07-23 10:47 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\AppReadiness 2016-07-23 09:07 - 2016-05-01 09:46 - 00000000 ____D C:\Users\postgres 2016-07-23 08:52 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-07-23 08:48 - 2016-04-16 17:47 - 00000000 ____D C:\Users\Travis\AppData\Local\Adobe 2016-07-22 15:19 - 2016-04-15 23:08 - 00000000 ____D C:\Users\Travis 2016-07-22 15:05 - 2016-05-06 14:30 - 00000368 _____ C:\Windows\Tasks\HPCeeScheduleForTravis.job 2016-07-22 14:25 - 2016-05-06 14:30 - 00003264 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTravis 2016-07-13 17:02 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\rescache 2016-07-13 05:56 - 2016-04-15 23:08 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-07-13 03:31 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\system32\oobe 2016-07-13 03:31 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\system32\appraiser 2016-07-13 03:30 - 2015-10-30 05:07 - 00000000 ____D C:\Program Files\Windows Journal 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ___RD C:\Windows\PrintDialog 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ___RD C:\Windows\DevicesFlow 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\Provisioning 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\bcastdvr 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Defender 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-07-13 03:30 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-07-12 20:27 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-07-12 20:27 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\system32\Macromed 2016-07-12 18:24 - 2016-04-16 13:24 - 00000000 ____D C:\Windows\system32\MRT 2016-07-12 18:24 - 2015-10-30 03:11 - 00000000 ____D C:\Windows\CbsTemp 2016-07-12 18:22 - 2016-04-16 13:24 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-07-06 20:39 - 2016-04-16 13:15 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-07-03 09:36 - 2016-05-14 11:29 - 00000000 ____D C:\Users\Travis\AppData\Local\CrashDumps 2016-07-02 00:37 - 2015-10-30 03:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-07-02 00:37 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-07-01 01:05 - 2016-04-15 23:04 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2016-06-26 09:03 - 2016-05-28 15:42 - 00000638 _____ C:\Windows\Tasks\TrackerAutoUpdate.job ==================== Files in the root of some directories ======= 2016-04-16 17:31 - 2016-04-16 17:31 - 0000000 _____ () C:\Users\Travis\AppData\Local\Driver_LOM_8171Present.flag 2016-04-28 12:28 - 2016-06-19 13:14 - 0006167 _____ () C:\ProgramData\hpzinstall.log Some files in TEMP: ==================== C:\Users\Travis\AppData\Local\Temp\6a246669c4722113966d0cbd29442eb9.dll C:\Users\Travis\AppData\Local\Temp\89741622b8dbbb89d89ca0a764f06286.dll C:\Users\Travis\AppData\Local\Temp\raptr_stub.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-07-22 15:15 ==================== End of FRST.txt ============================ ADDITION.txt: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-07-2016 02 Ran by Travis (2016-07-23 21:40:48) Running from G:\Downloads Windows 10 Home Version 1511 (X64) (2016-04-16 03:05:33) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2258500036-648294569-3129794070-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2258500036-648294569-3129794070-503 - Limited - Disabled) Guest (S-1-5-21-2258500036-648294569-3129794070-501 - Limited - Disabled) postgres (S-1-5-21-2258500036-648294569-3129794070-1003 - Limited - Enabled) => C:\Users\postgres Travis (S-1-5-21-2258500036-648294569-3129794070-1001 - Administrator - Enabled) => C:\Users\Travis ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 6500_E709n (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.5 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation) bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden BPDSoftware (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Call of Duty 4: Modern Warfare (HKLM\...\Steam App 7940) (Version: - Infinity Ward) Call of Duty: Black Ops III (HKLM\...\Steam App 311210) (Version: - Treyarch) CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2907.0 - CyberLink Corp.) CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.) DaVinci Resolve (HKLM\...\{9B4515CC-A703-49D2-85E6-5348CA30534D}) (Version: 12.5.0032 - Blackmagic Design) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DH Mobility Modder.NET (HKLM-x32\...\MobilityDotNET) (Version: 1.2.1.0 - Ruud Ketelaars) DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden Google Update Helper (x32 Version: 1.3.25.3 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Officejet 6500 E709 Series (HKLM\...\{9C57D227-1FE7-4F40-BD49-2BCA7761B083}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.2.8.25 - HP) HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.4.18.7 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Killer Bandwidth Control Filter Driver (Version: 1.1.57.1346 - Rivet Networks) Hidden Killer E240x Drivers (Version: 1.1.57.1346 - Rivet Networks) Hidden Killer Network Manager (Version: 1.1.57.1346 - Rivet Networks) Hidden Killer Performance Suite (HKLM-x32\...\{009DF489-4590-4579-BAB2-0136BB829E4A}) (Version: 1.1.57.1346 - Rivet Networks) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla) Mozilla Firefox 47.0.1 (x86 en-US) (HKU\S-1-5-21-2258500036-648294569-3129794070-1001\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue) Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd) Photomatix Pro version 5.1.2 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.1.2 - HDRsoft Ltd) PostgreSQL 9.2 (HKLM\...\PostgreSQL 9.2) (Version: 9.2 - PostgreSQL Global Development Group) proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.108.1 - proDAD GmbH) ProductContext (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Spotify (HKU\S-1-5-21-2258500036-648294569-3129794070-1001\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteamVR Performance Test (HKLM\...\Steam App 323910) (Version: - Valve) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC) Topaz Fusion Express 2 (64-bit) (HKLM-x32\...\Topaz Fusion Express 2 (64-bit)) (Version: 2.1.1 - Topaz Labs) Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC) Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.1.1 - Topaz Labs, LLC) TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2258500036-648294569-3129794070-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Travis\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1C5BB17A-60AF-474E-B185-E80CCEAABAFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-20] (Google Inc.) Task: {2C42B580-2DCF-48FB-B63A-4286454286E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated) Task: {48C17CE2-73A1-4CE0-BE82-D380D9A91D32} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-04-19] (Tracker Software Products (Canada) Ltd.) Task: {49DD0115-8051-44CC-8604-F5D4F7DC716C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {4EA8D56C-1D8F-4FAA-911F-48914D6014AE} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.) Task: {6EC8C13F-7C3C-4954-9291-F612BD5DD7D7} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-83HGFCR-Travis => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated) Task: {7710741B-2D64-470B-BC7B-EA71F9630A13} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {82299647-11E5-4D57-8FD4-B4823F845CFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.) Task: {A69800CF-D887-46ED-85CC-07E50BFA9323} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-07-08] (HP Inc.) Task: {AF54BE99-7E52-4E37-B6B2-00303CE5E7CA} - System32\Tasks\HPCeeScheduleForTravis => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard) Task: {BBA94BBA-DA51-4404-8CA0-3B83BB1A6418} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.) Task: {C28212BC-B93E-4E22-8A33-F320A34CF10C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard) Task: {C2ADBA4D-D1CF-4A44-B246-9A12E8456B0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {D2C15255-44EE-46C9-AAF1-047F8B4BEA00} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-20] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForTravis.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Travis\AppData\Local\63a09b\43fe78.lnk -> C:\Users\Travis\AppData\Local\63a09b\16a56f.bat (No File) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll 2016-05-01 09:46 - 2013-04-01 23:41 - 00176128 _____ () C:\Program Files\PostgreSQL\9.2\bin\LIBPQ.dll 2016-05-01 09:46 - 2012-08-14 09:31 - 01328128 _____ () C:\Program Files\PostgreSQL\9.2\bin\libxml2.dll 2016-07-12 18:20 - 2016-07-01 00:48 - 02656408 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-07-12 18:20 - 2016-07-01 00:48 - 02656408 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-05-24 13:20 - 2016-05-24 13:20 - 00959168 _____ () C:\Users\Travis\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-04-18 19:45 - 2016-04-18 19:45 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-04-16 13:23 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-12 18:21 - 2016-06-30 23:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-07-12 18:20 - 2016-06-30 23:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-12 18:20 - 2016-06-30 23:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-07-12 18:20 - 2016-06-30 23:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-12 18:20 - 2016-06-30 23:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-06-03 17:04 - 2016-06-03 17:04 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-06-03 17:04 - 2016-06-03 17:04 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-03 17:04 - 2016-06-03 17:04 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-04-16 14:19 - 2016-04-16 14:19 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2015-10-30 05:10 - 2015-10-30 05:10 - 00117920 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL 2016-07-20 16:38 - 2016-07-20 16:39 - 03893952 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe\gfxim.dll 2016-04-18 19:45 - 2016-04-18 19:45 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-18 19:45 - 2016-04-18 19:45 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-05-24 13:20 - 2016-05-24 13:20 - 00679624 _____ () C:\Users\Travis\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-05-07 16:12 - 2016-07-13 05:56 - 52042352 _____ () C:\Users\Travis\AppData\Roaming\Spotify\libcef.dll 2016-05-07 16:12 - 2016-07-13 05:56 - 01741936 _____ () C:\Users\Travis\AppData\Roaming\Spotify\libglesv2.dll 2016-05-07 16:12 - 2016-07-13 05:56 - 00087664 _____ () C:\Users\Travis\AppData\Roaming\Spotify\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 03:24 - 2016-04-19 15:37 - 00001023 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2258500036-648294569-3129794070-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.200.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{B187D309-C656-4009-9E36-269C4409F749}] => (Allow) G:\Program Files\firefox.exe FirewallRules: [{48A404A2-646E-4A6D-96E7-8C70EB452E3A}] => (Allow) G:\Program Files\firefox.exe FirewallRules: [{0C53AB6E-417B-4B06-BA69-AA2435AA0E4E}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{72F11FC0-4A22-4199-B2DD-0D8ED6AB42D0}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3C6EB11C-0640-404B-8C00-EC4EFD5CAE60}] => (Allow) G:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{C5E50B81-69BB-483A-BBF4-3786954C7C3F}] => (Allow) G:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8D65CBF0-7437-41B8-A981-9DFCDBFBD862}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3sp.exe FirewallRules: [{BBFF8768-9DF2-4311-82E8-7864002E78FC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3sp.exe FirewallRules: [{2B3E387F-B361-4727-92E9-7F4182C5D1ED}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3mp.exe FirewallRules: [{4117D933-43CD-430F-932B-62AE8AFBDA01}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3mp.exe FirewallRules: [{A0AD7B3B-DBA4-4773-9A31-B7B034405F89}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{0F9A3A88-8673-4B4D-B064-3663BF74B6BA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{435690AC-58BD-4C56-9556-523732AA76D4}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{40436D52-F941-4A1F-B4B2-FB5403611AAE}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{8A7E01ED-E9B3-48BB-81F5-6B5267E74E9A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{E0AA1129-B046-4696-92C8-D68041365553}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{60AD4481-E8F4-47FA-871F-72C04413B709}] => (Allow) G:\Nexon\Library\Combat Arms\appdata\NMService.exe FirewallRules: [{AB9DFBAA-9A3D-41DC-936F-5D72C08E8D8F}] => (Allow) G:\Nexon\Library\Combat Arms\appdata\NMService.exe FirewallRules: [{720D4F77-68B5-4C2E-997B-26F644CA4288}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{F44DEBC4-D084-4B27-932E-D80EA93A1C90}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{E8965D02-7088-4A01-ADED-735787618B51}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{BA47483C-32C7-4795-8252-0AD462459A5E}] => (Allow) C:\Users\Travis\AppData\Local\Temp\7zS4073\setup\hpznui40.exe FirewallRules: [{BC0B063C-32CE-4C74-837D-19E7BE7872C1}] => (Allow) C:\Program Files\CyberLink\PowerDirector13\PDR10.EXE FirewallRules: [{452D4B82-BF3B-4D35-A719-43364243A920}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe FirewallRules: [{C50B9F52-2256-4498-AC87-BB1BB92D150C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe FirewallRules: [{23F80D06-BA3C-419B-86DE-26C8BEEF346A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe FirewallRules: [{F0948A21-040C-4D68-B395-4D6D5B3BFE41}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe FirewallRules: [{5C189C56-0F1B-40CF-9E59-003837ECFACE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe FirewallRules: [{8A2F4938-7F5D-407E-B957-27A42ADBC66F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe FirewallRules: [{1FE49F86-6D3D-4053-9F68-941B41569A85}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe FirewallRules: [{266A1872-EA86-411A-B787-DA980A6AF48C}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe FirewallRules: [TCP Query User{AAB44695-AA57-4A68-B422-37704310E76B}C:\users\travis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\travis\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{6590D964-F8B2-4E71-9726-44B5F11A681C}C:\users\travis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\travis\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{32CBB634-D8C2-405F-AF34-47364C5180CD}C:\users\travis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\travis\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{BDF26267-4725-420B-8C2E-20FE885E31C4}C:\users\travis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\travis\appdata\roaming\spotify\spotify.exe FirewallRules: [{7C43A1F3-B3A0-4D6F-B9F5-5B3B9D2DDCB8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{2E5D055D-BCA5-430F-A67E-5EA208EBDDFC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{3FDFAE03-B344-44CF-B9E5-5D5C78494032}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{2D9B1D1B-D788-4123-8C3B-61C811027027}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{AA2BDD16-3A9F-40FD-ADFB-E94120A9DCF2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{FA9B7441-02DE-4406-B9AF-03A0026F42EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{DFB8E454-94F7-48F4-A000-E24798795998}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{30ED7789-A929-4718-9B37-54DC250B3607}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{1AE92714-07F9-4DF3-81EF-D53F59BE8D41}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{9D7B1644-2550-4467-81CA-666461A7ED14}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{B1144E9C-9C51-441D-9A1B-78EA86112BF9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{874C6CD9-05C6-42DB-8E79-FD4C93F62A7A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{D0E31551-B744-47A5-831E-A31C93EB9480}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{1D2C922F-50F3-4095-9C0B-C19FBA16B27F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{0DFA1B3D-9844-4653-981E-262D888C4C59}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{831F7CF0-D7BC-4DAE-B02D-17B87EC45753}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{478D075F-23A3-49CC-A092-90A132DB115F}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{36A0FD18-850D-4B06-9743-DD716BA343ED}] => (Allow) C:\Users\Travis\AppData\Local\Temp\7zS38EA\HPDiagnosticCoreUI.exe FirewallRules: [{328CF102-FA96-4CCA-AB5D-8DBBDEB84250}] => (Allow) C:\Users\Travis\AppData\Local\Temp\7zS38EA\HPDiagnosticCoreUI.exe FirewallRules: [{3CA70F3F-B92A-4BF6-87B5-0A88F89CE95F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe FirewallRules: [{2880B288-38F1-42C5-9055-EF91BD364135}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe ==================== Restore Points ========================= 07-07-2016 20:19:22 Scheduled Checkpoint 12-07-2016 18:22:35 Windows Update 22-07-2016 15:22:06 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: Officejet 6500 E709n Description: Officejet 6500 E709n Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 6500 E709n Description: Officejet 6500 E709n Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: HP Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/23/2016 09:09:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/23/2016 09:06:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/23/2016 09:00:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/23/2016 08:55:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/23/2016 08:55:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/23/2016 08:51:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-83HGFCR) Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/22/2016 03:22:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (07/12/2016 06:22:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (07/07/2016 08:19:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (07/03/2016 09:36:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Windows.Media.BackgroundPlayback.exe, version: 10.0.10586.0, time stamp: 0x5632d879 Faulting module name: KERNELBASE.dll, version: 10.0.10586.306, time stamp: 0x571af331 Exception code: 0xc000010a Fault offset: 0x0000000000071f28 Faulting process id: 0xfc8 Faulting application start time: 0xWindows.Media.BackgroundPlayback.exe0 Faulting application path: Windows.Media.BackgroundPlayback.exe1 Faulting module path: Windows.Media.BackgroundPlayback.exe2 Report Id: Windows.Media.BackgroundPlayback.exe3 Faulting package full name: Windows.Media.BackgroundPlayback.exe4 Faulting package-relative application ID: Windows.Media.BackgroundPlayback.exe5 System errors: ============= Error: (07/23/2016 05:45:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_69f40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/23/2016 05:45:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_69f40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/23/2016 05:45:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_69f40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/23/2016 05:45:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_69f40 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/23/2016 05:45:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (07/23/2016 09:06:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_64e5f3 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/23/2016 09:06:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_64e5f3 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/23/2016 09:06:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_64e5f3 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/23/2016 09:06:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_64e5f3 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/23/2016 09:06:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable CodeIntegrity: =================================== Date: 2016-07-14 06:16:48.481 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-13 03:31:57.718 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-19 13:10:36.074 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-19 13:08:12.713 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-18 14:07:53.850 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-16 03:36:23.991 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-14 11:34:30.959 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-12 03:31:18.458 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-29 14:48:01.206 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-23 22:34:54.885 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-111387.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz Percentage of memory in use: 20% Total physical RAM: 16336.23 MB Available physical RAM: 12935.62 MB Total Virtual: 18768.23 MB Available Virtual: 14678.29 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.27 GB) (Free:397.12 GB) NTFS Drive g: (Data Drive) (Fixed) (Total:931.39 GB) (Free:231.18 GB) NTFS Drive j: (EOS_DIGITAL) (Removable) (Total:59.59 GB) (Free:42.53 GB) exFAT Drive k: (MICRO C 4GB) (Removable) (Total:3.73 GB) (Free:3.3 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D39B9D66) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS) ======================================================== Disk: 6 (Size: 59.6 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 7 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=3.7 GB) - (Type=0B) ==================== End of Addition.txt ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.