Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with heurengine.zeroday threat


  • This topic is locked This topic is locked
9 replies to this topic

#1 AmeliaEar

AmeliaEar

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 28 July 2017 - 08:46 PM

My virus scanner says I have 7 instances of infection with this virus but it doesn't seem able to fix it (it's the free version of pctools).  My computer has been running slowly lately but I assumed that was simply because I have a lot of data on it and my son's been downloading video games.  Please let me know if this is a real problem.
thanks,
AmeliaEar
******************
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-07-2017
Ran by Dina (administrator) on AMELIAEARHART (28-07-2017 21:23:25)
Running from C:\Users\Dina\Downloads
Loaded Profiles: Dina (Available Profiles: Dina)
Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(HP) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McT919B.tmp
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Threat Expert Ltd.) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Dina\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Dina\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.587\SSScheduler.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.16.6200.0_x64__8wekyb3d8bbwe\Solitaire.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2015-10-19] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [735544 2015-08-07] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM-x32\...\Run: [ISTray] => C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe [2717816 2012-11-01] (PC Tools)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-10-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2017-07-02] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\Run: [Spotify Web Helper] => C:\Users\Dina\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-05-20] (Spotify Ltd)
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1718536 2014-07-23] (CyberLink Corp.)
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\Run: [Dropbox Update] => C:\Users\Dina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2017-07-02] (Adobe Systems Incorporated)
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\Run: [Spotify] => C:\Users\Dina\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-05-20] (Spotify Ltd)
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-17] (Valve Corporation)
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Cura for Startt [2017-07-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-06-29]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-07-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.587\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-06-29]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-06-29]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Dina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8500 A910 (Network).lnk [2015-09-17]
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8500 A910 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\HPStatusBL.dll (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 64.71.255.204 64.71.255.198
Tcpip\..\Interfaces\{0f16502b-61c7-459b-920a-854bb8831175}: [DhcpNameServer] 64.71.255.204 64.71.255.198
Tcpip\..\Interfaces\{f2817e1a-b33b-445f-b9a4-4cf191bccdd4}: [DhcpNameServer] 10.255.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/4
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/4
SearchScopes: HKLM -> {A16C1BF0-9794-4F31-B963-F073E17D5ADB} URL = hxxp://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {A16C1BF0-9794-4F31-B963-F073E17D5ADB} URL = hxxp://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002 -> {A16C1BF0-9794-4F31-B963-F073E17D5ADB} URL = hxxp://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-28] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-28] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Dina\AppData\Roaming\Mozilla\Firefox\Profiles\xdg48lxq.default-1452140285092 [2017-07-28]
FF Homepage: Mozilla\Firefox\Profiles\xdg48lxq.default-1452140285092 -> www.google.ca
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox
FF Extension: (Browser Guard Toolbar) - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox [2014-05-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-07-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-05-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-07-02] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1033863130-1813703899-2551087964-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Dina\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-06-04] (Citrix Online)
FF Plugin HKU\S-1-5-21-1033863130-1813703899-2551087964-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dina\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-03-08] (Unity Technologies ApS)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default [2017-07-28]
CHR Extension: (Google Slides) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-16]
CHR Extension: (Google Docs) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-16]
CHR Extension: (Google Drive) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-16]
CHR Extension: (YouTube) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-16]
CHR Extension: (Google Search) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (Google Sheets) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-16]
CHR Extension: (Google Docs Offline) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (HP Network Check Launcher) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2017-01-26]
CHR Extension: (Grammarly for Chrome) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-07-27]
CHR Extension: (Skype) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-27]
CHR Extension: (Boomerang for Gmail) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2017-05-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-16]
CHR Extension: (Chrome Media Router) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-26]
CHR Profile: C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-03-07]
CHR Extension: (Google Slides) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-07]
CHR Extension: (Google Docs) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-07]
CHR Extension: (Google Drive) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-07]
CHR Extension: (YouTube) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-07]
CHR Extension: (Google Search) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-07]
CHR Extension: (Google Sheets) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-07]
CHR Extension: (Gmail) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-07]
CHR Profile: C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-04-10]
CHR Extension: (Google Slides) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-10]
CHR Extension: (Google Docs) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-10]
CHR Extension: (Google Drive) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-10]
CHR Extension: (YouTube) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-10]
CHR Extension: (Google Sheets) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-10]
CHR Extension: (Google Docs Offline) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-10]
CHR Extension: (Gmail) - C:\Users\Dina\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-10]
CHR Profile: C:\Users\Dina\AppData\Local\Google\Chrome\User Data\System Profile [2016-04-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0172521499861242mcinstcleanup; C:\WINDOWS\TEMP\017252~1.EXE [1027864 2016-11-28] (McAfee, Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-25] (Advanced Micro Devices, Inc.) [File not signed]
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104824 2015-08-07] (Alps Electric Co., Ltd.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [580728 2012-10-23] (Threat Expert Ltd.)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
R2 hpsrv; C:\WINDOWS\system32\Hpservice.exe [38728 2016-10-12] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [569608 2014-10-09] (Hewlett-Packard Development Company, L.P.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.587\McCHSvc.exe [404376 2017-06-30] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-10-19] (Realtek Semiconductor)
R2 sdAuxService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [403416 2012-10-31] (PC Tools)
R2 sdCoreService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [1162360 2012-11-01] (PC Tools)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [56128 2016-10-12] (HP)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [58368 2011-11-05] (www.winchiphead.com)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [42312 2016-10-12] (HP)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-03-18] (MediaTek Inc.)
R3 PCTBD; C:\WINDOWS\System32\Drivers\PCTBD64.sys [77144 2012-10-23] (PC Tools)
R0 PCTCore; C:\WINDOWS\System32\drivers\PCTCore64.sys [413448 2012-10-22] (PC Tools)
R0 pctDS; C:\WINDOWS\System32\drivers\pctDS64.sys [453896 2012-02-28] (PC Tools)
R0 pctEFA; C:\WINDOWS\System32\drivers\pctEFA64.sys [1096176 2012-02-28] (PC Tools)
R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi64.sys [347016 2012-10-31] (PC Tools)
R3 pctplsm; C:\Windows\System32\drivers\pctplsm64.sys [87968 2012-11-01] (PC Tools)
R1 PCTSD; C:\WINDOWS\System32\Drivers\PCTSD64.sys [253256 2012-11-01] (PC Tools)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-07-28 21:23 - 2017-07-28 21:24 - 00034037 _____ C:\Users\Dina\Downloads\FRST.txt
2017-07-28 21:23 - 2017-07-28 21:23 - 00000000 ____D C:\FRST
2017-07-28 21:20 - 2017-07-28 21:22 - 02381312 _____ (Farbar) C:\Users\Dina\Downloads\FRST64.exe
2017-07-28 18:01 - 2017-07-28 18:01 - 01151116 _____ C:\Users\Dina\Downloads\Letter to Minister Chiarelli July 26.pdf
2017-07-28 18:01 - 2017-07-28 18:01 - 01145220 _____ C:\Users\Dina\Downloads\Letter to DM of MOI July 26.pdf
2017-07-28 17:59 - 2017-07-28 17:59 - 00361668 _____ C:\Users\Dina\Downloads\LTIP submission July 26.pdf
2017-07-27 15:07 - 2017-07-27 15:07 - 00003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1033863130-1813703899-2551087964-1002
2017-07-24 11:23 - 2017-07-24 11:23 - 00068910 _____ C:\Users\Dina\Downloads\20170619 National Community of Practice on Social Purchasing Meeting Notes (1) _AMedits.pdf
2017-07-23 10:18 - 2017-07-23 10:19 - 00000827 _____ C:\Users\Dina\Downloads\cartdestroyeredition6.zip
2017-07-22 21:07 - 2017-07-22 21:08 - 24734921 _____ C:\Users\Dina\Downloads\Tokyo Ghoul MOD.rar
2017-07-22 21:06 - 2017-07-22 21:06 - 30637922 _____ C:\Users\Dina\Downloads\Tokyo Ghoul MOD V.2.rar
2017-07-22 20:54 - 2017-07-22 20:54 - 00000000 ____D C:\Users\Dina\Downloads\mmftmpdir
2017-07-22 20:52 - 2017-07-22 20:52 - 01854238 _____ C:\Users\Dina\Downloads\Pokemon_Chess.zip
2017-07-22 20:14 - 2017-07-22 20:14 - 00299812 _____ C:\Users\Dina\Downloads\410 - National Housing Collaborative (12).pdf
2017-07-22 20:14 - 2017-07-22 20:14 - 00053865 _____ C:\Users\Dina\Downloads\410 - National Housing Collaborative - gl (9).pdf
2017-07-22 15:00 - 2017-07-22 15:00 - 00118861 _____ C:\Users\Dina\Downloads\StarttFirmware1.0.hex (1).zip
2017-07-22 14:58 - 2017-07-22 14:58 - 00118861 _____ C:\Users\Dina\Downloads\StarttFirmware1.0.hex.zip
2017-07-22 14:50 - 2017-07-22 14:50 - 00000000 ____D C:\Users\Dina\AppData\Local\Cura for Startt
2017-07-22 14:48 - 2017-07-22 14:48 - 00000000 ____D C:\Users\Dina\AppData\Roaming\cura
2017-07-22 14:48 - 2017-07-22 14:48 - 00000000 ____D C:\Users\Dina\AppData\Local\cura
2017-07-22 14:46 - 2017-07-22 14:46 - 00001054 _____ C:\Users\Public\Desktop\Cura for Startt.lnk
2017-07-22 14:43 - 2017-07-22 14:43 - 108157126 _____ C:\Users\Dina\Downloads\CuraForStartt-1.1-win32.exe
2017-07-22 14:38 - 2017-07-22 14:38 - 00000000 ____D C:\WCH.CN
2017-07-22 14:38 - 2011-11-05 00:00 - 00058368 _____ (www.winchiphead.com) C:\WINDOWS\system32\Drivers\CH341S64.SYS
2017-07-22 14:38 - 2011-11-05 00:00 - 00039696 _____ (www.winchiphead.com) C:\WINDOWS\system32\Drivers\CH341SER.SYS
2017-07-22 14:38 - 2008-12-18 00:00 - 00020089 _____ C:\WINDOWS\system32\CH341SER.VXD
2017-07-22 14:38 - 2007-06-12 00:00 - 00019680 _____ (www.winchiphead.com) C:\WINDOWS\system32\Drivers\CH341S98.SYS
2017-07-22 14:38 - 2005-07-30 00:00 - 00006712 _____ (www.winchiphead.com) C:\WINDOWS\SysWOW64\CH341PT.DLL
2017-07-22 14:38 - 2005-07-30 00:00 - 00006712 _____ (www.winchiphead.com) C:\WINDOWS\system32\CH341PT.DLL
2017-07-22 10:27 - 2017-07-22 10:27 - 24181825 _____ C:\Users\Dina\Downloads\IMG_2684.MOV
2017-07-21 08:31 - 2017-07-21 08:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-07-21 08:30 - 2017-07-21 08:30 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-07-21 08:30 - 2017-07-21 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-07-21 08:28 - 2017-07-21 08:30 - 00000000 ____D C:\Program Files\iTunes
2017-07-21 08:28 - 2017-07-21 08:28 - 00000000 ____D C:\Program Files\iPod
2017-07-19 12:10 - 2017-07-19 12:10 - 00577033 _____ C:\Users\Dina\Downloads\OPS-ProcurementDirectiveDec2014.pdf
2017-07-18 10:54 - 2017-07-18 10:54 - 00049316 _____ C:\Users\Dina\Downloads\RSVP NHC summer meets.xlsx
2017-07-16 22:53 - 2017-07-16 22:53 - 01084679 _____ C:\Users\Dina\Downloads\Community Benefits - LTIP Stakeholder Deck - FINAL.PPTX
2017-07-16 09:15 - 2017-07-16 09:15 - 01551411 _____ C:\Users\Dina\Downloads\PUBLIC VERSION BP in embedding SV in PP v 23 June 2017 (1).pdf
2017-07-15 19:26 - 2017-07-15 19:26 - 00066094 _____ C:\Users\Dina\Downloads\35096705190-642026978-ticket (1).pdf
2017-07-15 19:25 - 2017-07-15 19:25 - 00066095 _____ C:\Users\Dina\Downloads\35096705190-642026978-ticket.pdf
2017-07-15 17:11 - 2017-07-15 17:11 - 00023595 _____ C:\Users\Dina\Downloads\Scanned from a Xerox Multifunction Printer.pdf
2017-07-14 15:13 - 2017-07-14 15:13 - 00135566 _____ C:\Users\Dina\Downloads\AMO Slide Deck Template_July 2017.pptx
2017-07-14 15:12 - 2017-07-14 15:12 - 00059667 _____ C:\Users\Dina\Downloads\Dina Graser Confirmation Letter July 6, 2017.pdf
2017-07-13 19:11 - 2017-07-13 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-07-13 19:11 - 2017-07-13 19:11 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2017-07-12 18:26 - 2017-07-12 18:26 - 00000000 ____D C:\Users\Dina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-07-12 13:23 - 2017-07-12 13:23 - 00000000 ____D C:\Users\Dina\AppData\Local\GoToMeeting
2017-07-11 20:50 - 2017-07-07 03:13 - 00554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-07-11 20:50 - 2017-07-07 03:13 - 00336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-11 20:50 - 2017-07-07 02:57 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-11 20:50 - 2017-07-07 02:57 - 00125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-11 20:50 - 2017-07-07 02:39 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-11 20:50 - 2017-07-07 02:39 - 00096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-07-11 20:50 - 2017-07-07 02:37 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-11 20:50 - 2017-07-07 02:31 - 05820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-11 20:50 - 2017-07-07 02:31 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-11 20:50 - 2017-07-07 02:31 - 00129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-11 20:50 - 2017-07-07 02:30 - 02165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-11 20:50 - 2017-07-07 02:30 - 00949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-11 20:50 - 2017-07-07 02:30 - 00750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-11 20:50 - 2017-07-07 02:29 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-11 20:50 - 2017-07-07 02:29 - 00123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-11 20:50 - 2017-07-07 02:27 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-11 20:50 - 2017-07-07 02:26 - 20373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-11 20:50 - 2017-07-07 02:26 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-11 20:50 - 2017-07-07 02:26 - 01195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-07-11 20:50 - 2017-07-07 02:26 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-11 20:50 - 2017-07-07 02:25 - 00035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-11 20:50 - 2017-07-07 02:23 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-11 20:50 - 2017-07-07 02:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-11 20:50 - 2017-07-07 02:14 - 02956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-11 20:50 - 2017-07-07 02:14 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-11 20:50 - 2017-07-07 02:14 - 00790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-11 20:50 - 2017-07-07 02:13 - 13839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-11 20:50 - 2017-07-07 02:12 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-11 20:50 - 2017-07-07 02:10 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-11 20:50 - 2017-07-07 02:10 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-11 20:50 - 2017-07-07 02:09 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-11 20:50 - 2017-07-07 02:07 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-11 20:50 - 2017-07-07 02:06 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-11 20:50 - 2017-07-07 02:05 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-11 20:50 - 2017-07-07 02:05 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-11 20:50 - 2017-07-07 02:05 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-11 20:50 - 2017-07-07 02:05 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-11 20:50 - 2017-07-07 02:04 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-11 20:50 - 2017-07-07 02:04 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-11 20:50 - 2017-07-07 02:04 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-11 20:50 - 2017-07-07 02:04 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-11 20:50 - 2017-07-07 02:04 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-11 20:50 - 2017-07-07 02:03 - 06123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-11 20:50 - 2017-07-07 02:03 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-11 20:50 - 2017-07-07 02:03 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-11 20:50 - 2017-07-07 02:02 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-11 20:50 - 2017-07-07 02:01 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-11 20:50 - 2017-07-07 02:00 - 07596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-11 20:50 - 2017-07-07 02:00 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-11 20:50 - 2017-07-07 02:00 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-11 20:50 - 2017-07-07 02:00 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-11 20:50 - 2017-07-07 02:00 - 01565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-11 20:50 - 2017-07-07 02:00 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-11 20:50 - 2017-07-07 01:59 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-11 20:50 - 2017-07-07 01:59 - 01494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-11 20:50 - 2017-07-07 01:59 - 01355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-11 20:50 - 2017-07-07 01:59 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-11 20:50 - 2017-07-07 01:58 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-11 20:50 - 2017-07-07 01:58 - 02782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-11 20:50 - 2017-07-07 01:58 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-11 20:50 - 2017-07-07 01:58 - 01237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-11 20:50 - 2017-07-07 01:55 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-11 20:50 - 2017-07-07 01:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-11 20:50 - 2017-07-07 01:53 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-11 20:50 - 2017-07-07 01:53 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-11 20:50 - 2017-06-20 02:06 - 00279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-11 20:50 - 2017-06-20 02:02 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-11 20:50 - 2017-06-20 01:57 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-11 20:50 - 2017-06-20 01:34 - 00192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-11 20:50 - 2017-06-20 01:15 - 00455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-11 20:50 - 2017-06-20 01:13 - 00787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-11 20:50 - 2017-06-20 01:12 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2017-07-11 20:50 - 2017-06-20 01:12 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-11 20:50 - 2017-06-20 01:09 - 00406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-07-11 20:50 - 2017-06-20 01:08 - 04469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-11 20:50 - 2017-06-20 01:07 - 02475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-11 20:50 - 2017-06-20 01:07 - 00346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-11 20:50 - 2017-06-20 01:07 - 00138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-11 20:50 - 2017-06-20 01:06 - 00754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-11 20:50 - 2017-06-20 01:06 - 00278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-11 20:50 - 2017-06-20 01:05 - 00438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-11 20:50 - 2017-06-20 01:05 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-11 20:50 - 2017-06-20 01:04 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-11 20:50 - 2017-06-20 01:04 - 01178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-11 20:50 - 2017-06-20 01:04 - 01077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-11 20:50 - 2017-06-20 01:04 - 00181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-11 20:50 - 2017-06-20 01:04 - 00049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-11 20:50 - 2017-06-20 01:03 - 05806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-11 20:50 - 2017-06-20 01:03 - 00864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-07-11 20:50 - 2017-06-20 01:03 - 00443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-11 20:50 - 2017-06-20 01:02 - 03377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-11 20:50 - 2017-06-20 01:02 - 01121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-11 20:50 - 2017-06-20 01:02 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-11 20:50 - 2017-06-20 01:01 - 00176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-07-11 20:50 - 2017-06-20 01:00 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-11 20:50 - 2017-06-20 00:49 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-11 20:50 - 2017-06-20 00:49 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-11 20:50 - 2017-06-20 00:46 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-11 20:50 - 2017-06-20 00:45 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-11 20:50 - 2017-06-20 00:43 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-11 20:50 - 2017-06-20 00:43 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-11 20:50 - 2017-06-20 00:43 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-11 20:50 - 2017-06-20 00:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-11 20:50 - 2017-06-20 00:42 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-11 20:50 - 2017-06-20 00:42 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-11 20:50 - 2017-06-20 00:42 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-07-11 20:50 - 2017-06-20 00:42 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-11 20:50 - 2017-06-20 00:41 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-11 20:50 - 2017-06-20 00:41 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-11 20:50 - 2017-06-20 00:41 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-11 20:50 - 2017-06-20 00:41 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-11 20:50 - 2017-06-20 00:41 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-11 20:50 - 2017-06-20 00:40 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-11 20:50 - 2017-06-20 00:40 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-11 20:50 - 2017-06-20 00:40 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-11 20:50 - 2017-06-20 00:40 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-11 20:50 - 2017-06-20 00:40 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-11 20:50 - 2017-06-20 00:40 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-11 20:50 - 2017-06-20 00:39 - 02814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-11 20:50 - 2017-06-20 00:39 - 02671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-11 20:50 - 2017-06-20 00:39 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-11 20:50 - 2017-06-20 00:39 - 00646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-11 20:50 - 2017-06-20 00:39 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-11 20:50 - 2017-06-20 00:39 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-11 20:50 - 2017-06-20 00:38 - 01451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-11 20:50 - 2017-06-20 00:38 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-11 20:50 - 2017-06-20 00:38 - 01171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-11 20:50 - 2017-06-20 00:38 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-11 20:50 - 2017-06-20 00:38 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-11 20:50 - 2017-06-20 00:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-11 20:50 - 2017-06-20 00:35 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-11 20:50 - 2017-06-20 00:35 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-11 20:50 - 2017-06-20 00:35 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-11 20:50 - 2017-06-20 00:34 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-11 20:50 - 2017-06-20 00:34 - 02750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-11 20:50 - 2017-06-20 00:34 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-11 20:50 - 2017-06-20 00:34 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-11 20:50 - 2017-06-20 00:34 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-07-11 20:50 - 2017-06-20 00:31 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-11 20:50 - 2017-06-20 00:30 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-11 20:50 - 2017-06-20 00:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-11 20:50 - 2017-06-20 00:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-11 20:50 - 2017-06-20 00:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-11 20:49 - 2017-07-07 10:00 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-11 20:49 - 2017-07-07 03:24 - 00117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-11 20:49 - 2017-07-07 03:23 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-11 20:49 - 2017-07-07 03:21 - 32688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-11 20:49 - 2017-07-07 03:20 - 02021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-11 20:49 - 2017-07-07 03:20 - 00519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-11 20:49 - 2017-07-07 03:11 - 00094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-11 20:49 - 2017-07-07 03:10 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-11 20:49 - 2017-07-07 03:10 - 00254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-11 20:49 - 2017-07-07 03:07 - 01106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-11 20:49 - 2017-07-07 03:07 - 00058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-11 20:49 - 2017-07-07 02:40 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-11 20:49 - 2017-07-07 02:37 - 31652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-11 20:49 - 2017-07-07 02:37 - 01339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-11 20:49 - 2017-07-07 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-11 20:49 - 2017-07-07 02:20 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-11 20:49 - 2017-07-07 02:20 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-11 20:49 - 2017-07-07 02:19 - 07149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-11 20:49 - 2017-07-07 02:19 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-11 20:49 - 2017-07-07 02:18 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-11 20:49 - 2017-07-07 02:17 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-11 20:49 - 2017-07-07 02:16 - 12786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-11 20:49 - 2017-07-07 02:16 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-11 20:49 - 2017-07-07 02:15 - 08238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-11 20:49 - 2017-07-07 02:14 - 08211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-11 20:49 - 2017-07-07 02:14 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-11 20:49 - 2017-07-07 02:14 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-11 20:49 - 2017-07-07 02:12 - 04730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-11 20:49 - 2017-07-07 02:12 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-11 20:49 - 2017-07-07 02:11 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-11 20:49 - 2017-07-07 02:09 - 20504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-11 20:49 - 2017-07-07 02:08 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-11 20:49 - 2017-07-07 02:07 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-11 20:49 - 2017-07-07 02:06 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-11 20:49 - 2017-07-07 02:06 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-11 20:49 - 2017-07-07 02:05 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-11 20:49 - 2017-07-07 02:05 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-11 20:49 - 2017-07-07 02:02 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-11 20:49 - 2017-07-07 02:01 - 06287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-11 20:49 - 2017-07-07 01:59 - 03656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-11 20:49 - 2017-06-20 02:11 - 00411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-11 20:49 - 2017-06-20 02:08 - 01242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-11 20:49 - 2017-06-20 02:03 - 00820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-11 20:49 - 2017-06-20 01:59 - 06554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-11 20:49 - 2017-06-20 01:59 - 01220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-11 20:49 - 2017-06-20 01:59 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-11 20:49 - 2017-06-20 01:13 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-11 20:49 - 2017-06-20 01:12 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-11 20:49 - 2017-06-20 01:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-11 20:49 - 2017-06-20 01:11 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-11 20:49 - 2017-06-20 01:10 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-11 20:49 - 2017-06-20 01:10 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-11 20:49 - 2017-06-20 01:09 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-11 20:49 - 2017-06-20 01:09 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-11 20:49 - 2017-06-20 01:08 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-11 20:49 - 2017-06-20 01:08 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-11 20:49 - 2017-06-20 01:08 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-11 20:49 - 2017-06-20 01:08 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-11 20:49 - 2017-06-20 01:07 - 00823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-11 20:49 - 2017-06-20 01:07 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-11 20:49 - 2017-06-20 01:07 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-11 20:49 - 2017-06-20 01:06 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-07-11 20:49 - 2017-06-20 01:06 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-11 20:49 - 2017-06-20 01:05 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-11 20:49 - 2017-06-20 01:05 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-11 20:49 - 2017-06-20 01:04 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-11 20:49 - 2017-06-20 01:03 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-11 20:49 - 2017-06-20 01:01 - 04536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-11 20:49 - 2017-06-20 00:59 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-11 20:49 - 2017-06-20 00:59 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-11 20:49 - 2017-06-20 00:56 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-11 20:49 - 2017-06-20 00:43 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-11 20:49 - 2017-06-20 00:43 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-11 20:49 - 2017-06-20 00:43 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-11 20:49 - 2017-06-20 00:42 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-11 20:49 - 2017-06-20 00:42 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-11 20:49 - 2017-06-20 00:38 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-11 20:49 - 2017-06-20 00:37 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-11 20:48 - 2017-07-07 03:27 - 01147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-11 20:48 - 2017-07-07 03:27 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-11 20:48 - 2017-07-07 03:27 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-11 20:48 - 2017-07-07 03:26 - 01065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-11 20:48 - 2017-07-07 03:25 - 00899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-11 20:48 - 2017-07-07 03:22 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-11 20:48 - 2017-07-07 03:22 - 01186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-11 20:48 - 2017-07-07 03:21 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-11 20:48 - 2017-07-07 03:20 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-11 20:48 - 2017-07-07 03:20 - 00382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-11 20:48 - 2017-07-07 03:15 - 02444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-11 20:48 - 2017-07-07 03:14 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-11 20:48 - 2017-07-07 03:14 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-11 20:48 - 2017-07-07 03:14 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-11 20:48 - 2017-07-07 03:13 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-11 20:48 - 2017-07-07 03:12 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-11 20:48 - 2017-07-07 03:12 - 00318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-11 20:48 - 2017-07-07 03:11 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-11 20:48 - 2017-07-07 03:10 - 21353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-11 20:48 - 2017-07-07 03:10 - 01325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-11 20:48 - 2017-07-07 03:10 - 00372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-11 20:48 - 2017-07-07 03:09 - 00041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-11 20:48 - 2017-07-07 02:27 - 03670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-11 20:48 - 2017-07-07 02:27 - 01050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-11 20:48 - 2017-07-07 02:27 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-11 20:48 - 2017-07-07 02:27 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-11 20:48 - 2017-07-07 02:27 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-11 20:48 - 2017-07-07 02:26 - 17364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-11 20:48 - 2017-07-07 02:25 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-11 20:48 - 2017-07-07 02:23 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-11 20:48 - 2017-07-07 02:22 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-11 20:48 - 2017-07-07 02:22 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-11 20:48 - 2017-07-07 02:21 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-11 20:48 - 2017-07-07 02:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-11 20:48 - 2017-07-07 02:19 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-11 20:48 - 2017-07-07 02:19 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-11 20:48 - 2017-07-07 02:18 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-11 20:48 - 2017-07-07 02:18 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-11 20:48 - 2017-07-07 02:18 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-11 20:48 - 2017-07-07 02:17 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-11 20:48 - 2017-07-07 02:17 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-11 20:48 - 2017-07-07 02:17 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-11 20:48 - 2017-07-07 02:17 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-11 20:48 - 2017-07-07 02:16 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-11 20:48 - 2017-07-07 02:15 - 00922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-11 20:48 - 2017-07-07 02:14 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-11 20:48 - 2017-07-07 02:13 - 05892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-11 20:48 - 2017-07-07 02:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-11 20:48 - 2017-07-07 02:12 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-11 20:48 - 2017-07-07 02:12 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-11 20:48 - 2017-07-07 02:12 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-11 20:48 - 2017-07-07 02:12 - 01420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-11 20:48 - 2017-07-07 02:12 - 01305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-11 20:48 - 2017-07-07 02:12 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-11 20:48 - 2017-07-07 02:12 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-11 20:48 - 2017-07-07 02:11 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-11 20:48 - 2017-07-07 02:11 - 02649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-11 20:48 - 2017-07-07 02:11 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-11 20:48 - 2017-07-07 02:11 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-11 20:48 - 2017-07-07 02:10 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-11 20:48 - 2017-07-07 02:10 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-11 20:48 - 2017-07-07 02:10 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-11 20:48 - 2017-07-07 02:04 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-11 20:48 - 2017-07-01 18:52 - 00031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-11 20:48 - 2017-06-20 02:18 - 01564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-11 20:48 - 2017-06-20 02:17 - 00034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-11 20:48 - 2017-06-20 02:16 - 00335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-11 20:48 - 2017-06-20 02:15 - 00233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-11 20:48 - 2017-06-20 02:11 - 01395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-11 20:48 - 2017-06-20 02:10 - 02327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-11 20:48 - 2017-06-20 02:10 - 01930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-11 20:48 - 2017-06-20 02:05 - 01057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-11 20:48 - 2017-06-20 02:04 - 04847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-11 20:48 - 2017-06-20 02:03 - 00102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-11 20:48 - 2017-06-20 02:02 - 02645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-11 20:48 - 2017-06-20 02:00 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-11 20:48 - 2017-06-20 02:00 - 00142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-11 20:48 - 2017-06-20 01:58 - 00833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-11 20:48 - 2017-06-20 01:58 - 00406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-11 20:48 - 2017-06-20 01:57 - 00204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-07-11 20:48 - 2017-06-20 01:15 - 01620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-11 20:48 - 2017-06-20 01:14 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-11 20:48 - 2017-06-20 01:11 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-11 20:48 - 2017-06-20 01:10 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-11 20:48 - 2017-06-20 01:10 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-11 20:48 - 2017-06-20 01:09 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-11 20:48 - 2017-06-20 01:09 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-11 20:48 - 2017-06-20 01:09 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-11 20:48 - 2017-06-20 01:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-07-11 20:48 - 2017-06-20 01:09 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-11 20:48 - 2017-06-20 01:08 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-11 20:48 - 2017-06-20 01:08 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-07-11 20:48 - 2017-06-20 01:07 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-07-11 20:48 - 2017-06-20 01:07 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-11 20:48 - 2017-06-20 01:07 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-11 20:48 - 2017-06-20 01:06 - 00847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-11 20:48 - 2017-06-20 01:06 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-11 20:48 - 2017-06-20 01:06 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-11 20:48 - 2017-06-20 01:05 - 04447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-11 20:48 - 2017-06-20 01:05 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-11 20:48 - 2017-06-20 01:05 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-11 20:48 - 2017-06-20 01:05 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-11 20:48 - 2017-06-20 01:05 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-11 20:48 - 2017-06-20 01:05 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-11 20:48 - 2017-06-20 01:04 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-11 20:48 - 2017-06-20 01:04 - 01425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-11 20:48 - 2017-06-20 01:04 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-11 20:48 - 2017-06-20 01:04 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-11 20:48 - 2017-06-20 01:04 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-11 20:48 - 2017-06-20 01:02 - 03204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-11 20:48 - 2017-06-20 01:02 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-11 20:48 - 2017-06-20 01:02 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-11 20:48 - 2017-06-20 01:02 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-11 20:48 - 2017-06-20 01:01 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-11 20:48 - 2017-06-20 01:01 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-11 20:48 - 2017-06-20 01:01 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-11 20:48 - 2017-06-20 01:01 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-11 20:48 - 2017-06-20 01:01 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-11 20:48 - 2017-06-20 01:00 - 03057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-11 20:48 - 2017-06-20 01:00 - 02171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-11 20:48 - 2017-06-20 00:59 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-11 20:48 - 2017-06-20 00:58 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-11 20:48 - 2017-06-20 00:54 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-07-11 20:48 - 2017-06-20 00:45 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-11 20:47 - 2017-07-07 03:27 - 00965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-11 20:47 - 2017-07-07 03:27 - 00821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-11 20:47 - 2017-07-07 03:22 - 00119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-07-11 20:47 - 2017-07-07 03:17 - 01017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-11 20:47 - 2017-07-07 03:14 - 01171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-11 20:47 - 2017-07-07 03:13 - 00147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-11 20:47 - 2017-07-07 03:12 - 00228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-11 20:47 - 2017-07-07 03:10 - 01337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-07-11 20:47 - 2017-07-07 02:27 - 01640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-11 20:47 - 2017-07-07 02:27 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-11 20:47 - 2017-07-07 02:27 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-11 20:47 - 2017-07-07 02:24 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-07-11 20:47 - 2017-07-07 02:23 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-07-11 20:47 - 2017-07-07 02:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-11 20:47 - 2017-07-07 02:21 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-11 20:47 - 2017-07-07 02:19 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-11 20:47 - 2017-07-07 02:18 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-11 20:47 - 2017-07-07 02:17 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-11 20:47 - 2017-07-07 02:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-07-11 20:47 - 2017-07-07 02:14 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-11 20:47 - 2017-07-07 02:12 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-11 20:47 - 2017-07-07 02:11 - 03139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-11 20:47 - 2017-07-07 02:11 - 00986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-11 20:47 - 2017-07-07 02:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-11 20:47 - 2017-07-07 02:07 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-11 20:47 - 2017-07-07 02:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-11 20:47 - 2017-07-07 02:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-11 20:47 - 2017-07-07 02:04 - 01703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-11 20:47 - 2017-07-07 02:04 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-11 20:47 - 2017-06-20 02:18 - 00096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-11 20:47 - 2017-06-20 02:17 - 00629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-11 20:47 - 2017-06-20 02:17 - 00544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-11 20:47 - 2017-06-20 02:17 - 00334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-11 20:47 - 2017-06-20 02:17 - 00136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-11 20:47 - 2017-06-20 02:16 - 01214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-11 20:47 - 2017-06-20 02:04 - 00472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-07-11 20:47 - 2017-06-20 02:03 - 00179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-11 20:47 - 2017-06-20 02:02 - 00426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-11 20:47 - 2017-06-20 02:00 - 00558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-11 20:47 - 2017-06-20 01:59 - 01054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-07-11 20:47 - 2017-06-20 01:59 - 00583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-11 20:47 - 2017-06-20 01:58 - 00203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-11 20:47 - 2017-06-20 01:16 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-11 20:47 - 2017-06-20 01:16 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-11 20:47 - 2017-06-20 01:14 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-11 20:47 - 2017-06-20 01:13 - 00216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-11 20:47 - 2017-06-20 01:13 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-11 20:47 - 2017-06-20 01:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-11 20:47 - 2017-06-20 01:12 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-07-11 20:47 - 2017-06-20 01:12 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-11 20:47 - 2017-06-20 01:10 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-07-11 20:47 - 2017-06-20 01:10 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-07-11 20:47 - 2017-06-20 01:09 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-11 20:47 - 2017-06-20 01:09 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-07-11 20:47 - 2017-06-20 01:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-11 20:47 - 2017-06-20 01:09 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-11 20:47 - 2017-06-20 01:09 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-11 20:47 - 2017-06-20 01:08 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-11 20:47 - 2017-06-20 01:08 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-07-11 20:47 - 2017-06-20 01:07 - 00916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-11 20:47 - 2017-06-20 01:07 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-11 20:47 - 2017-06-20 01:07 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-11 20:47 - 2017-06-20 01:06 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-11 20:47 - 2017-06-20 01:06 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-11 20:47 - 2017-06-20 01:06 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-11 20:47 - 2017-06-20 01:06 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-11 20:47 - 2017-06-20 01:05 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-11 20:47 - 2017-06-20 01:05 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-11 20:47 - 2017-06-20 01:05 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-11 20:47 - 2017-06-20 01:04 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-11 20:47 - 2017-06-20 01:03 - 01396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-07-11 20:47 - 2017-06-20 01:02 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-11 20:47 - 2017-06-20 01:01 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-07-11 20:47 - 2017-06-20 01:01 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-11 20:47 - 2017-06-20 00:57 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-11 20:47 - 2017-06-20 00:57 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-11 20:47 - 2017-06-20 00:56 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-07-11 20:47 - 2017-06-20 00:56 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
2017-07-11 10:27 - 2017-07-11 10:27 - 01551411 _____ C:\Users\Dina\Downloads\PUBLIC VERSION BP in embedding SV in PP v 23 June 2017.pdf
2017-07-11 10:08 - 2017-07-11 10:08 - 01132639 _____ C:\Users\Dina\Downloads\sc-isp1200(2016-05-09)e.pdf
2017-07-11 10:08 - 2017-07-11 10:08 - 00169485 _____ C:\Users\Dina\Downloads\sc-isp1200a(2016-05-09)e.pdf
2017-07-09 18:45 - 2017-07-09 18:45 - 01142316 _____ C:\Users\Dina\Documents\Cremation Form 2.pdf
2017-07-09 18:44 - 2017-07-09 18:44 - 01138208 _____ C:\Users\Dina\Documents\Scan0018.pdf
2017-07-06 22:58 - 2017-07-06 22:58 - 00398091 _____ C:\Users\Dina\Downloads\Policy and Research Monitor April-May 2017.xlsx
2017-07-05 19:13 - 2017-07-05 19:13 - 33795905 _____ C:\Users\Dina\Downloads\IMG_4100.MOV
2017-07-03 19:01 - 2017-07-03 19:02 - 00192666 _____ C:\Users\Dina\Downloads\AMO BBR Presentation Aug 12 and 13 2017 Vers 1.0.pptx
2017-07-03 18:43 - 2017-07-03 18:47 - 70635143 _____ C:\Users\Dina\Downloads\DIna G Headshot.zip
2017-07-03 18:34 - 2017-07-03 18:34 - 00239188 _____ C:\Users\Dina\Downloads\DinaCardArt5.pdf
2017-06-29 23:36 - 2017-06-29 23:36 - 00011970 _____ C:\Users\Dina\Downloads\CRA-ARC-MP (5).pdf
2017-06-28 10:24 - 2017-06-28 10:24 - 00524289 _____ C:\Users\Dina\Downloads\Paradis INI333H1F protocol & appendices (1).pdf
2017-06-28 09:31 - 2017-06-28 09:31 - 04237092 _____ C:\Users\Dina\Downloads\20170501- Renew Mag.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-07-28 21:03 - 2014-09-08 16:31 - 00002092 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2017-07-28 20:55 - 2017-05-17 21:25 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-28 19:28 - 2013-11-27 15:21 - 00000000 ____D C:\ProgramData\Temp
2017-07-28 18:23 - 2017-05-17 22:12 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5EC7604B-3251-47B3-B8FD-C93970B1F9B2}
2017-07-28 17:52 - 2014-05-03 16:24 - 00000000 ____D C:\Users\Dina\AppData\Local\Packages
2017-07-28 14:36 - 2017-05-17 22:12 - 00003244 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDina
2017-07-28 14:36 - 2016-08-29 18:41 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDina.job
2017-07-28 14:30 - 2017-03-18 17:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-28 14:30 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-28 09:14 - 2015-04-09 08:32 - 00000000 ____D C:\Users\Dina\Documents\Youcam
2017-07-28 09:10 - 2017-05-10 21:32 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-27 22:46 - 2016-12-16 00:26 - 00000000 ____D C:\Users\Dina\AppData\LocalLow\Mozilla
2017-07-27 15:07 - 2015-09-18 09:49 - 00002415 _____ C:\Users\Dina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-27 15:07 - 2015-05-13 22:12 - 00000000 ___RD C:\Users\Dina\OneDrive
2017-07-27 15:04 - 2014-09-04 14:28 - 00000000 ____D C:\Users\Dina\AppData\Local\Adobe
2017-07-25 22:19 - 2014-10-06 19:08 - 00000000 ____D C:\Users\Dina\AppData\Roaming\Skype
2017-07-25 18:59 - 2016-01-16 13:06 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-23 22:07 - 2015-02-14 23:49 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-22 15:04 - 2017-03-18 17:01 - 00000000 ____D C:\WINDOWS\INF
2017-07-22 15:03 - 2015-05-12 21:12 - 00000000 ____D C:\Users\Dina\Documents\Kai's stuff
2017-07-21 11:49 - 2014-05-05 13:18 - 00000000 ____D C:\Users\Dina\Documents\Dina's stuff
2017-07-17 08:25 - 2016-09-12 21:47 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-07-17 08:25 - 2016-09-12 21:47 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2017-07-15 10:50 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\rescache
2017-07-14 23:11 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-07-14 09:54 - 2016-01-16 12:40 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-13 19:11 - 2015-11-12 22:05 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-07-13 19:11 - 2015-07-23 21:35 - 00002016 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-07-13 11:58 - 2017-05-17 21:31 - 00000000 ____D C:\Users\Dina
2017-07-12 18:26 - 2015-04-06 21:49 - 00000000 ____D C:\Users\Dina\AppData\Roaming\Dropbox
2017-07-12 18:19 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-07-12 13:23 - 2017-05-17 22:12 - 00003816 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1033863130-1813703899-2551087964-1002
2017-07-12 13:23 - 2017-05-17 22:12 - 00003720 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1033863130-1813703899-2551087964-1002
2017-07-12 13:23 - 2015-11-13 15:08 - 00000652 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1033863130-1813703899-2551087964-1002.job
2017-07-12 13:23 - 2015-11-13 15:08 - 00000556 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1033863130-1813703899-2551087964-1002.job
2017-07-12 08:50 - 2014-05-25 21:45 - 02931927 _____ C:\WINDOWS\system32\Drivers\Cat.DB
2017-07-12 08:18 - 2015-09-10 01:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-12 08:08 - 2017-05-28 18:45 - 00001249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-07-12 08:08 - 2017-05-28 18:45 - 00001235 _____ C:\Users\Public\Desktop\True Key.lnk
2017-07-12 08:08 - 2017-05-28 18:35 - 00000000 ____D C:\Program Files\TrueKey
2017-07-12 08:07 - 2017-05-17 21:30 - 01045470 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-12 08:03 - 2017-05-17 22:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-12 08:03 - 2017-05-17 21:25 - 00296112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-12 08:02 - 2015-05-15 11:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-12 08:02 - 2014-05-03 16:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-12 00:06 - 2017-03-18 07:40 - 02621440 _____ C:\WINDOWS\system32\config\BBI
2017-07-12 00:06 - 2015-09-18 01:58 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-07-12 00:04 - 2017-03-18 17:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-12 00:04 - 2017-03-18 17:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-12 00:04 - 2017-03-18 17:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-12 00:04 - 2017-03-18 17:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-12 00:04 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-12 00:04 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-07-12 00:04 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 00:04 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-12 00:04 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 00:04 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 00:04 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-11 22:28 - 2017-05-28 18:35 - 00004594 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-11 22:28 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-11 22:28 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-07-11 21:00 - 2017-03-18 16:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-11 20:56 - 2014-05-12 23:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-11 20:51 - 2014-05-12 23:34 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-08 12:39 - 2014-05-06 22:11 - 00000000 ____D C:\Users\Dina\AppData\Local\ElevatedDiagnostics
2017-07-04 23:27 - 2017-03-17 13:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-07-04 23:27 - 2014-10-06 19:08 - 00000000 ____D C:\ProgramData\Skype
2017-07-04 10:37 - 2017-03-18 17:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-04 10:36 - 2014-05-03 16:44 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-06-30 10:47 - 2017-03-18 17:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 10:47 - 2017-03-18 17:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2016-11-05 15:01 - 2016-11-10 22:34 - 0000446 _____ () C:\Users\Dina\AppData\Roaming\CSharpAnalytics-MeasurementSession
2014-09-08 16:34 - 2014-09-08 16:34 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Files to move or delete:
====================
C:\Users\Dina\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Dina\hppiw.exe
C:\Users\Dina\Kies3Setup.exe
C:\Users\Dina\mbam-setup-2.0.4.1028.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-07-23 23:22
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-07-2017
Ran by Dina (28-07-2017 21:26:20)
Running from C:\Users\Dina\Downloads
Windows 10 Home Version 1703 (X64) (2017-05-18 02:25:13)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1033863130-1813703899-2551087964-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1033863130-1813703899-2551087964-503 - Limited - Disabled)
Dina (S-1-5-21-1033863130-1813703899-2551087964-1002 - Administrator - Enabled) => C:\Users\Dina
Guest (S-1-5-21-1033863130-1813703899-2551087964-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1033863130-1813703899-2551087964-1004 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: PC Tools AntiVirus Free (Enabled - Up to date) {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: PC Tools AntiVirus Free (Enabled - Up to date) {94076BB2-F3DA-227F-9A1E-F060FF73600F}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4 Elements II (HKLM-x32\...\WTA-24945a42-d412-41f5-bc53-1bd217aae636) (Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Airport Mania (HKLM-x32\...\WTA-babf29ef-1f42-4958-bdc7-6326555bdeb0) (Version: 2.2.0.95 - WildTangent) Hidden
Aloha TriPeaks (HKLM-x32\...\WTA-07478944-5140-413a-a25a-7977379765c4) (Version: 2.2.0.98 - WildTangent) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1202.1711.103 - Alps Electric)
AMD Catalyst Install Manager (HKLM\...\{5BB304EB-8E5B-0F2D-66FA-6603D9BB3232}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-4bf900ea-c500-426c-911a-8f676947a9f6) (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-08c1ae22-e0e7-4da0-b1c1-1899a19e488e) (Version: 2.2.0.98 - WildTangent) Hidden
Birthdays the Beginning (HKLM\...\Steam App 525700) (Version:  - ARC SYSTEM WORKS Co., Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (HKLM-x32\...\WTA-8fad932d-c6ea-48f6-9833-488477e1df48) (Version: 2.2.0.97 - WildTangent) Hidden
Browser Guard 4.0 (HKLM-x32\...\Browser Defender_is1) (Version: 4.0.0.1884 - PC Tools)
Build-a-lot (HKLM-x32\...\WTA-7dddd62c-a51c-4db9-9ed9-8777c472f5bd) (Version: 2.2.0.98 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
Connect (HKLM-x32\...\Connect) (Version: 1.4.14232.0 - Cisco Consumer Products LLC)
Cradle of Rome 2 (HKLM-x32\...\WTA-2545b296-fa2f-4db0-a7be-2efcc816cdf6) (Version: 2.2.0.98 - WildTangent) Hidden
Cura for Startt (HKLM-x32\...\Cura for Startt) (Version: 0.1.1 - MyMiniFactory)
Curse at Twilight (HKLM-x32\...\WTA-3eea1e6f-e238-454b-954a-6374aa44344e) (Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.6.7225 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4628 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (HKLM-x32\...\WTA-ded49f07-f605-4b54-8506-ba78fbf28bf7) (Version: 3.0.2.32 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox (HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\Dropbox) (Version: 30.4.22 - Dropbox, Inc.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (HKLM-x32\...\WTA-9b5c533f-b4d2-40ce-b4a7-b047df9c62d6) (Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 3: Collector's Edition (HKLM-x32\...\WTA-8522799b-972b-452d-8a0a-8a7d1d1631ab) (Version: 3.0.2.38 - WildTangent) Hidden
Galerie de photos (HKLM-x32\...\{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.78 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.107 - Google Inc.) Hidden
GoToMeeting 8.8.0.7297 (HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\GoToMeeting) (Version: 8.8.0.7297 - LogMeIn, Inc.)
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-7abdcaf6-514d-4411-9b83-048759ce0e19) (Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (HKLM-x32\...\WTA-e8a8d520-21ff-4d24-8232-a0d6a674cba1) (Version: 2.2.0.98 - WildTangent) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{1A339D1D-584E-48D5-BE7D-72CD565064A3}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Officejet Pro 8610 Basic Device Software (HKLM\...\{39DA3F40-0B9E-4002-8E01-108FEC9EFE43}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.4.19.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.7.27.15 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C39A7F0F-89A6-44BB-B1BF-5F96569B5345}) (Version: 1.2.9 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{7A75E042-0D30-43C2-BD2A-684F4BE38FF7}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{C510BB61-AE0B-4420-87AF-9CF646E86364}) (Version: 6.2.3.17 - Apple Inc.)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.00.57 - Softex Inc.) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-feb62b1c-25f4-43a8-a436-30dece644551) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-4bf5c21f-6831-4a47-8ed6-1b6df023f63f) (Version: 2.2.0.95 - WildTangent) Hidden
Letters from Nowhere 2 (HKLM-x32\...\WTA-1c084829-9226-4bc3-8e54-908ad299108f) (Version: 2.2.0.97 - WildTangent) Hidden
Luxor Evolved (HKLM-x32\...\WTA-e6299dcd-d7dd-4f9b-b028-853a2a9abedb) (Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe (HKLM-x32\...\WTA-906eb95a-840f-4791-a97e-37855dc9eddb) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.587.1 - McAfee, Inc.)
Mediatek Bluetooth (HKLM\...\{904C579C-9366-D3B7-7F31-4879401DBD4A}) (Version: 11.0.756.0 - Mediatek)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4937.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 en-US)) (Version: 45.4.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
PC Tools AntiVirus Free 9.1 (HKLM-x32\...\Spyware Doctor) (Version: 9.1 - PC Tools)
Peggle Nights (HKLM-x32\...\WTA-96924c36-ff2d-4c00-8ac6-6029619c1e0b) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-57ee888e-9a60-4bba-bdcb-ecc1e4b57a5b) (Version: 2.2.0.98 - WildTangent) Hidden
Pinger (HKLM-x32\...\{9B56B031-A6C0-4BB7-8F61-938548C1B759}) (Version: 1.4.0.1 - Pinger Inc.) Hidden
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-c181af69-512a-4df3-8c0e-5f03c71e3999) (Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-021e71e8-e600-4bf2-ba40-890cfd655046) (Version: 2.2.0.97 - WildTangent) Hidden
Product Improvement Study for HP Officejet Pro 8610 (HKLM\...\{D2064264-3162-4DB1-AFE0-167BEFBBCD9C}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.50.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.55 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Roads of Rome 3 (HKLM-x32\...\WTA-29d2c708-dd2e-41e2-9331-c5ecb9ee3b23) (Version: 2.2.0.98 - WildTangent) Hidden
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.)
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Treasures of Mystery Island: The Ghost Ship (HKLM-x32\...\WTA-b966154f-37a1-4edd-afb5-f4c9e55acfdd) (Version: 2.2.0.98 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-772ae0ba-09e1-49c7-b7d7-3e42e32c3225) (Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\UnityWebPlayer) (Version: 5.3.8f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (HKLM-x32\...\WTA-c937b78b-f919-4a16-af7f-c11cfee857df) (Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.15 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
WordBiz 1.8.7 (HKLM-x32\...\WordBiz_0) (Version:  - )
Youda Jewel Shop (HKLM-x32\...\WTA-9f885328-ac0d-46a4-a10b-bd996956da50) (Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (HKLM-x32\...\WTA-ca87dcf1-1b62-4592-8eb8-cb830d776969) (Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7C1B3FFFC140}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Dina\AppData\Local\Citrix\GoToMeeting\3880\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1033863130-1813703899-2551087964-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-19] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt_20150210_09_56_28.dll [2015-02-10] (Cyberlink)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-07-14] (Apple Inc.)
ContextMenuHandlers1: [SDContextExt] -> {70F8E90E-353A-47AB-B297-C576345EE693} => C:\Program Files (x86)\PC Tools\PC Tools Security\SDContextExt64.dll [2012-11-01] (PC Tools)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-06-02] (WinZip Computing, S.L.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt_20150210_09_56_28.dll [2015-02-10] (Cyberlink)
ContextMenuHandlers2: [SDContextExt] -> {70F8E90E-353A-47AB-B297-C576345EE693} => C:\Program Files (x86)\PC Tools\PC Tools Security\SDContextExt64.dll [2012-11-01] (PC Tools)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-19] (Igor Pavlov)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-06-02] (WinZip Computing, S.L.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [SDContextExt] -> {70F8E90E-353A-47AB-B297-C576345EE693} => C:\Program Files (x86)\PC Tools\PC Tools Security\SDContextExt64.dll [2012-11-01] (PC Tools)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-06-02] (WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-1033863130-1813703899-2551087964-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1033863130-1813703899-2551087964-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1033863130-1813703899-2551087964-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Dina\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00E8B84B-2B4C-40E4-820C-0F61DDBD3EFE} - System32\Tasks\{A4E54E16-28A9-4643-A32F-B36698BBD51F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Dina\Documents\Dina's stuff\Kai's stuff\kai\forge-1.8-11.14.1.1334-installer-win.exe" -d "C:\Users\Dina\Documents\Dina's stuff\Kai's stuff\kai"
Task: {0BAE806E-35AD-4491-9868-5C4B0823244B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1033863130-1813703899-2551087964-1002Core1d236cbeb849965 => C:\Users\Dina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {0E9778E4-AB05-41A6-BE9D-B66C9022ED09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28] (Google Inc.)
Task: {1425D97C-D9B2-48CC-A3E0-6568769D120D} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {157AD7DF-1CB7-4465-946B-CA54BBE5EC44} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {2FB07C6A-D745-4ACD-B53B-C05365B97F16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3AA00B50-E562-49D0-BA83-9EAA07D5CC63} - System32\Tasks\G2MUploadTask-S-1-5-21-1033863130-1813703899-2551087964-1002 => C:\Users\Dina\AppData\Local\GoToMeeting\7297\g2mupload.exe [2017-07-12] (LogMeIn, Inc.)
Task: {3AD9CA8C-567E-4FE2-A872-6726BB0A40D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {3BA7B312-213A-48C8-A156-D73E80B01821} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {500D2FEB-5659-4370-88E4-DC484312559E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {51FEC1D0-E498-4741-820A-53B5319E3099} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {56746827-1D84-48A2-98D4-2B0A25109A13} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5F032551-CC21-4B9D-8D08-78684D7728EC} - System32\Tasks\HPCeeScheduleForDina => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {64021B81-8A4F-4A93-95F3-0BE17220C7B9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {6AD2F41D-5E7E-44DF-8ADC-4E6627440D4C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {6DEAD249-0838-4449-B04A-7A4B97CF074A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {6F22643B-9550-4D1F-BA6B-76BF0D7518DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-06-28] (HP Inc.)
Task: {76857C81-66A3-4106-AC4A-D621B01CFA6D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7AAEC5A8-8F66-4F15-B14C-9FDD3908B863} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7DE70B92-CB18-4C53-9BFC-CF843B64C8E5} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2017-04-12] (McAfee, Inc.)
Task: {80972AAE-09BA-46FA-81A4-2E892EC21734} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-10] (Hewlett-Packard Development Company, L.P.)
Task: {829B7134-B6D1-4C76-A0C8-3F206CDDED60} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {881D5D5A-967F-4AC2-8637-ACBD97D909DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN5CRFX3QB => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {89506019-0F23-47E7-8115-C3FEA622C533} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-10-28] (CyberLink Corp.)
Task: {91DE97CD-1A00-4D54-BA6C-773764409FCD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9291057B-A064-486D-B221-6A75D21A1046} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-07-11] (Microsoft Corporation)
Task: {94D7B3FC-747A-4B8F-98ED-AA462B66DE92} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1033863130-1813703899-2551087964-1002UA1d236cbebb245c3 => C:\Users\Dina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {96E4B776-B0B6-4C63-A18B-C1DE11924406} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {9D6C2709-69FE-4BB2-B6F1-B29C96CB21FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {A525E825-538E-4D04-9AA4-F3D56F7A9F4E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {A73A9E61-81E9-46A1-9712-0A850E93CC8F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A9AD186E-B432-46DC-9142-8C6076ED3250} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {AF1DFA9E-F2E4-4BD0-BC9E-93039D935CC8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B5C425C0-96CD-41D3-AF05-0B21CAE01253} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {B611A114-C1FE-480F-A253-C87D93CAEAF2} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {B7501F00-BF99-47CF-8CD2-9E7966BFF93E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BF35F987-BE5E-44E7-AA94-48D71E650BF1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {CA4C223F-779A-4A45-AEDA-6461439A81DA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {CC06D117-25A9-4988-918B-2713AAABFED4} - System32\Tasks\HP AR Program Upload - 3636f3f954324e829a8c8ec5c05bde22729ef2ca8ca0495088f1bd22320a887b => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {D0B59049-07DA-424F-BE97-7E5A56353091} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {D27E388B-7F38-4678-B14A-1B205C489D7D} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {F83AD649-B2DA-4A08-A2CD-9994F1C79C88} - System32\Tasks\G2MUpdateTask-S-1-5-21-1033863130-1813703899-2551087964-1002 => C:\Users\Dina\AppData\Local\GoToMeeting\7297\g2mupdate.exe [2017-07-12] (LogMeIn, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1033863130-1813703899-2551087964-1002Core1d236cbeb849965.job => C:\Users\Dina\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1033863130-1813703899-2551087964-1002UA1d236cbebb245c3.job => C:\Users\Dina\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1033863130-1813703899-2551087964-1002.job => C:\Users\Dina\AppData\Local\GoToMeeting\7297\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1033863130-1813703899-2551087964-1002.job => C:\Users\Dina\AppData\Local\GoToMeeting\7297\g2mupload.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDina.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-10-14 11:25 - 2013-10-14 11:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2013-10-14 11:23 - 2013-10-14 11:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-10-14 11:24 - 2013-10-14 11:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2014-05-05 11:42 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-25 10:48 - 2013-09-25 10:48 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-18 16:58 - 2017-03-18 16:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-03-22 09:21 - 2017-01-31 08:34 - 08909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-03-18 16:59 - 2017-03-18 22:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-10-14 11:30 - 2013-10-14 11:30 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2017-07-14 10:27 - 2017-07-14 10:27 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-07-14 10:26 - 2017-07-14 10:26 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-07-25 18:59 - 2017-07-25 03:42 - 03824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.78\libglesv2.dll
2017-07-25 18:59 - 2017-07-25 03:42 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.78\libegl.dll
2017-05-23 13:39 - 2017-05-23 13:39 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-25 08:39 - 2017-07-25 08:40 - 10631168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-07-25 08:39 - 2017-07-25 08:39 - 02640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-07-25 08:39 - 2017-07-25 08:40 - 00760832 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-05-26 11:22 - 2017-05-26 11:22 - 02156752 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.16.6200.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-07-16 15:24 - 2017-07-16 15:25 - 05162392 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1706.3.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2016-11-21 22:21 - 2016-11-21 22:23 - 03379200 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.16.6200.0_x64__8wekyb3d8bbwe\Avatars.dll
2016-11-21 22:21 - 2016-11-21 22:23 - 00370176 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.16.6200.0_x64__8wekyb3d8bbwe\Gamerpics.dll
2017-07-27 15:09 - 2017-07-27 15:10 - 00843672 _____ () C:\Program Files\WindowsApps\Microsoft.Services.Store.Engagement_10.0.1706.0_x64__8wekyb3d8bbwe\Microsoft.Services.Store.Engagement.dll
2017-02-22 10:58 - 2017-02-22 11:00 - 09991072 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.16.6200.0_x64__8wekyb3d8bbwe\Microsoft.Xbox.Services.dll
2017-02-22 10:58 - 2017-02-22 11:00 - 01341344 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.16.6200.0_x64__8wekyb3d8bbwe\cpprest140_uwp_2_8.dll
2017-07-12 13:26 - 2017-07-12 13:26 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-07-12 13:26 - 2017-07-12 13:26 - 27590144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-07-12 13:26 - 2017-07-12 13:26 - 00428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-07-12 13:26 - 2017-07-12 13:26 - 20649984 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-07-12 13:26 - 2017-07-12 13:26 - 02305536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-07-12 13:26 - 2017-07-12 13:26 - 02856448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-05-23 13:39 - 2017-05-23 13:39 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-15 10:19 - 2017-06-15 10:21 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-06-03 15:21 - 2016-06-03 15:22 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-07-12 13:26 - 2017-07-12 13:26 - 01127936 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-06 14:03 - 2017-05-06 14:07 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2014-05-25 21:57 - 2012-11-01 15:34 - 00092792 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\avengine\sdkBSCtrl.dll
2014-05-25 22:00 - 2012-10-23 17:40 - 00109688 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BSPatch.dll
2017-07-13 20:51 - 2017-07-13 20:51 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-10-25 11:51 - 2016-10-25 11:51 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-10-12 02:08 - 2016-10-12 02:08 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 02:08 - 2016-10-12 02:08 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 02:08 - 2016-10-12 02:08 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-10-12 02:08 - 2016-10-12 02:08 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-25 11:49 - 2016-10-25 11:49 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-10-12 02:08 - 2016-10-12 02:08 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-07-04 10:35 - 2017-07-04 10:35 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2016-06-02 20:50 - 2016-06-02 20:50 - 00609280 _____ () C:\Program Files\WinZip\adxloader.dll
2017-07-02 17:33 - 2017-07-02 17:33 - 28985328 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.dll
2017-02-17 15:34 - 2017-02-17 15:34 - 00323152 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\sqlite.dll
2017-07-02 17:33 - 2017-07-02 17:33 - 69743184 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroCEF\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2 [165]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2017-07-13 19:11 - 00000889 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 64.71.255.204 - 64.71.255.198
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1033863130-1813703899-2551087964-1002\...\StartupApproved\Run: => "Spotify"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{EDDFF748-2203-4FD5-83E7-5104977B0B1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Birthdays the Beginning\game.exe
FirewallRules: [{9F6FC011-F4D9-40E5-90E6-6AC4FB61FB15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Birthdays the Beginning\game.exe
FirewallRules: [{2DF5F80B-9B33-45DB-8C4B-1C0BE4A2A775}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D37BEC50-A19E-4199-9B96-85DD3F170A6A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{59D3BD3A-96CB-4D67-B503-52022E2E098A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A1471E94-2041-4366-94F4-6CCA604806BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{2F65ADDD-90BD-4F9C-A716-014853C4F8DD}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{D52611BC-3447-4496-B878-120FB9E6A95A}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{F0F63B5B-8E15-4F4B-B2FF-EB91595A2DE6}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS21C3\HPDiagnosticCoreUI.exe
FirewallRules: [{D4758AB4-70FD-49C3-841C-B4E6AFA7214B}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS21C3\HPDiagnosticCoreUI.exe
FirewallRules: [{D8624901-7620-41D0-802A-C03B37EAB455}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS70D1\HPDiagnosticCoreUI.exe
FirewallRules: [{4063635C-04AA-441E-AA31-7FD1078F69C8}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS70D1\HPDiagnosticCoreUI.exe
FirewallRules: [{72F01D2B-7584-43DC-92FA-D96F5125892E}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0BE5\HPDiagnosticCoreUI.exe
FirewallRules: [{E09117A2-E1A4-4846-8087-1933C4CE555E}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0BE5\HPDiagnosticCoreUI.exe
FirewallRules: [{40B7C4B6-C156-4E1F-8966-9071CF1EBF59}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0B6F\HPDiagnosticCoreUI.exe
FirewallRules: [{7BDC39A0-F0F8-46C4-BEC5-7CD211775D56}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0B6F\HPDiagnosticCoreUI.exe
FirewallRules: [{D7B0FD60-0FC9-40FF-804D-17F45F6F1864}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS05FE\HPDiagnosticCoreUI.exe
FirewallRules: [{1409E55E-CE43-42D9-A470-C75FB3D59FB9}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS05FE\HPDiagnosticCoreUI.exe
FirewallRules: [{8F45F89A-6820-4B9F-9052-DE19A4D0408B}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0592\HPDiagnosticCoreUI.exe
FirewallRules: [{8B43BD44-1BC1-49A1-A061-0817C5D1FF63}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0592\HPDiagnosticCoreUI.exe
FirewallRules: [{E086D1F8-BAE3-46B1-A0E7-38A9FD05047F}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0509\HPDiagnosticCoreUI.exe
FirewallRules: [{12B45469-FAC2-4817-B88B-33D305F7E2D6}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0509\HPDiagnosticCoreUI.exe
FirewallRules: [{D8962C3E-510E-4F28-9862-C2245660DE48}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{B6C8A354-2B46-4F06-B1D9-BA03CB0EE672}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{276A1796-272C-4CA0-B298-C4DC4D396DC7}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS6F57\HPDiagnosticCoreUI.exe
FirewallRules: [{C7A46389-A88B-49E0-B1CD-2FC9E170502D}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS6F57\HPDiagnosticCoreUI.exe
FirewallRules: [{0AB58922-8840-4811-8393-46EDFB1A9455}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS4B59\HPDiagnosticCoreUI.exe
FirewallRules: [{B7613995-B191-4925-96DA-280C71773DAE}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS4B59\HPDiagnosticCoreUI.exe
FirewallRules: [{C3ACEA48-4025-435C-9335-074B3FB5DE2B}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS1ACB\HPDiagnosticCoreUI.exe
FirewallRules: [{052E765D-DCEA-49DC-8735-BEB6F40BBF58}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS1ACB\HPDiagnosticCoreUI.exe
FirewallRules: [{231C295F-B267-4061-888A-E8D50477B397}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS5408\HPDiagnosticCoreUI.exe
FirewallRules: [{E5E45A49-AA78-4CCE-87D5-234697EACB72}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS5408\HPDiagnosticCoreUI.exe
FirewallRules: [{084B41E9-49C5-4096-B722-3E42E3BF7BD9}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS79C3\HPDiagnosticCoreUI.exe
FirewallRules: [{191BDC8B-6641-47EB-BED6-1FCC84B75124}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS79C3\HPDiagnosticCoreUI.exe
FirewallRules: [{411AD08B-C913-461E-A694-21C10EEA9F1A}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS089D\HPDiagnosticCoreUI.exe
FirewallRules: [{18B41B42-74E6-4D87-9FDD-C35C6AD9E412}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS089D\HPDiagnosticCoreUI.exe
FirewallRules: [{759731B3-4C68-491F-A50B-917DEB69BFEC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ABE16FB0-1BAA-445E-8E5D-8507EA9BAA52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3B6D739D-8FA7-4BC1-8841-6E004479118D}] => (Allow) C:\Users\Dina\AppData\Local\Temp\nsuF836.tmp\Installer-75728284.exe
FirewallRules: [{A6065915-AA66-4609-81D5-6E8C54D2ABA3}] => (Allow) C:\Users\Dina\AppData\Local\Temp\nsuF836.tmp\Installer-75728284.exe
FirewallRules: [{566ADD11-DC72-4D52-8BED-4EE53A635DFD}] => (Allow) C:\Users\Dina\AppData\Local\Temp\nsy2C40.tmp\Installer-75728284.exe
FirewallRules: [{535DFEA5-CBA0-4FBD-8F76-CD32378BB2A3}] => (Allow) C:\Users\Dina\AppData\Local\Temp\nsy2C40.tmp\Installer-75728284.exe
FirewallRules: [{28925B0C-A13C-4399-9564-7D90909AB8EA}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS382A\HPDiagnosticCoreUI.exe
FirewallRules: [{7A464894-6FDD-4036-9C3B-A2843C6C36B2}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS382A\HPDiagnosticCoreUI.exe
FirewallRules: [{C46A8236-763B-45E8-B885-C204DCD0777F}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS37D9\HPDiagnosticCoreUI.exe
FirewallRules: [{DFD539FC-0256-4191-92B8-0B58D03EFC84}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS37D9\HPDiagnosticCoreUI.exe
FirewallRules: [{053A6B66-CDE6-4024-91A5-3DCBE0C6DAC9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C5D11B40-5897-49A9-818F-A36FFADE9CB9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1F8AFAFA-B222-4EDF-BB7F-54B0B1E708FF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D3F07D2D-2C19-44DA-B9E6-9DFE56A079D4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2F38FF7C-30AC-4324-B4B9-AE33CBAA6DE5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1B148C6F-37B0-4D55-BB14-74DB1E92FE29}] => (Allow) LPort=2869
FirewallRules: [{83B54289-1F34-4EAF-ADE2-97B34B2798AE}] => (Allow) LPort=1900
FirewallRules: [{50241FF8-896F-454C-9AE5-E1021FE73377}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{168B2254-23A6-404B-901C-0688A0930C80}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{F18F4D21-500C-4527-ABB3-C959A279F310}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{742810E4-D388-441B-8973-F0C9AA267C24}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{356ECA48-88A3-4034-9255-6809EDDC91FB}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{441B4144-2B8B-4045-AFC1-D0FDB5D2C6FD}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{E4B34BD9-CF96-40D8-AFF9-BB5A97055CE9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3DFBAAC5-8494-42FC-B71E-F8CB0F1606A2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{FC1237EE-A130-4250-919C-E6F6F45BE9C0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{FD631EE2-523D-4386-AA78-A4C1E6DE75D7}] => (Allow) C:\Users\Dina\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{73CAEC0A-F58E-401C-BF1D-456D61FE0B99}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{148BA72E-8F14-4114-A621-FAF08559F6FA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{FA2D0934-06E7-4F72-A6C7-2DBF9D1DFA58}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{D9130F38-148A-4F77-B220-62DD4851BF69}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{75462DA8-7575-497F-8038-A238B692E248}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{DE95CBD3-705C-42E0-9545-EDB0E23554DA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{AFFD6E46-8C33-4A06-A52D-7A10DB25B77B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{B3A7625C-F085-439E-85BE-29D70A0CFDF9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{CAD733D4-8511-41B0-BEAA-F2BFFE0BB1C2}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS7743\HPDiagnosticCoreUI.exe
FirewallRules: [{A964C039-0B3F-485C-AE3E-62C3109EA3C8}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS7743\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{4187DD83-2FDE-4679-9E41-487CF73C0C0D}C:\users\dina\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dina\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{95D88EAA-C8CD-4929-8B81-358DAFD0E667}C:\users\dina\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dina\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{764A2AD4-4879-41C9-8FE0-14C76D5E0C86}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{02DE0915-A8D6-4E36-8ACA-9BE7CDADF910}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B734FDE8-1B1B-4FBE-AECE-04FD7B84152F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3C630F4B-40D8-4B14-A48E-0632914DBEC4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{43CF85A7-A99D-4116-9D7A-F3273F073A13}C:\users\dina\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\dina\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9CFDDD2B-3CC1-422E-9CD9-9091FFE8482D}C:\users\dina\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\dina\appdata\roaming\spotify\spotify.exe
FirewallRules: [{984D050B-EC7F-48C8-BE56-FF3B8CA0E133}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{0D0D07C4-2532-4714-8EF3-BA3D928657CB}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS6B0B\HPDiagnosticCoreUI.exe
FirewallRules: [{CDEF14BE-F02D-4B8E-8DA2-DC2FA007C788}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS6B0B\HPDiagnosticCoreUI.exe
FirewallRules: [{4C9D8F86-60A6-426A-9CE0-B4F8A0D4B0AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1F2F31BC-4A1C-4F9D-B9B3-39D16EB55B7A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{376FE601-1352-4EFF-AB75-C6B2550ACFFA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6643E8C0-BFB1-4CC1-91A7-477887E10623}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{66B086E1-E62F-4BA8-95BC-341180B247D6}] => (Allow) C:\Users\Dina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3ECEBB30-3F57-4DDF-9954-8D6C05D13D30}] => (Allow) C:\Users\Dina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{77C96DEB-3287-4C1D-8B3D-65C73C2A0881}C:\users\dina\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{EE5D3FA7-A26C-4D8F-979F-D643B99DDBDF}C:\users\dina\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F6983CC7-1CD1-42A4-97D0-0B6E8EDD5F48}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS08CC\HPDiagnosticCoreUI.exe
FirewallRules: [{E38F0BDE-AE18-4740-B1EA-3E55D50AFF13}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS08CC\HPDiagnosticCoreUI.exe
FirewallRules: [{191477EF-8882-4BA4-9F33-F111C67CB36E}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS094F\HPDiagnosticCoreUI.exe
FirewallRules: [{93300A35-CC63-4D25-B7B8-B6F6EF70CE81}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS094F\HPDiagnosticCoreUI.exe
FirewallRules: [{AF6D9C90-942E-4BDD-ACB0-7D511A6ECF56}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0A88\HPDiagnosticCoreUI.exe
FirewallRules: [{E3AD842E-C1F9-451F-AA37-FCE343A08CD7}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0A88\HPDiagnosticCoreUI.exe
FirewallRules: [{5BFB6694-C452-432A-B322-B8D47DC63494}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS031A\HPDiagnosticCoreUI.exe
FirewallRules: [{C0A704EF-DA73-4343-BAF2-7C33BA127DE3}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS031A\HPDiagnosticCoreUI.exe
FirewallRules: [{4CF645EC-AE82-46EC-8034-29B70CF35687}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0B62\HPDiagnosticCoreUI.exe
FirewallRules: [{D92F1B12-284D-4E73-BA30-4ABD95B16332}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS0B62\HPDiagnosticCoreUI.exe
FirewallRules: [{C164CC70-6E3E-4F92-8A90-13FAA3E55421}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS3493\HPDiagnosticCoreUI.exe
FirewallRules: [{34353B31-816D-46E0-83B6-F9C712D95588}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS3493\HPDiagnosticCoreUI.exe
FirewallRules: [{CBDFEED8-D7A8-4B63-BBA8-8F244A0BEBE6}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS01BE\HPDiagnosticCoreUI.exe
FirewallRules: [{FBCF4926-295C-4655-AAC1-13B9D352F7BB}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS01BE\HPDiagnosticCoreUI.exe
FirewallRules: [{AA03CB23-3AA3-4F33-B87D-8E0236F48F69}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS2A1D\HPDiagnosticCoreUI.exe
FirewallRules: [{AC8D50D9-6D45-452E-8EC7-A93B76BB2CD1}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS2A1D\HPDiagnosticCoreUI.exe
FirewallRules: [{1309F1B1-12A4-4FD3-A9B5-6DD848D61D2D}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS564E\HPDiagnosticCoreUI.exe
FirewallRules: [{EE7C502C-3A3E-428A-A161-98D07EEABAB8}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS564E\HPDiagnosticCoreUI.exe
FirewallRules: [{C52557E7-2147-44E8-96C4-8FDF8E346530}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS56EB\HPDiagnosticCoreUI.exe
FirewallRules: [{D4A0DF3D-66F1-4A80-AC75-46669629DCED}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS56EB\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{E49394C1-CFCE-4F91-B2CB-DF180F25AD08}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{7CE40080-92FD-4C1F-BA3E-C215CEDCD187}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{E21DEC20-BBCB-45F4-8472-8CBEE4E7B4B8}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS1DEA\HPDiagnosticCoreUI.exe
FirewallRules: [{8938FE6E-2ABF-4F62-9D47-0667B4B1D456}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS1DEA\HPDiagnosticCoreUI.exe
FirewallRules: [{8F331EAE-1986-4E05-8B6C-D8EEF70E1A3C}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS1E56\HPDiagnosticCoreUI.exe
FirewallRules: [{2526FA24-1EFC-4090-AC82-7A6FCE11DF27}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS1E56\HPDiagnosticCoreUI.exe
FirewallRules: [{B9142BAB-0BF3-4EBE-A026-8FEFC95483FD}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS7D1A\hppiw.exe
FirewallRules: [{C84430E5-EB3D-4283-BA7F-C4227276437C}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS7D1A\hppiw.exe
FirewallRules: [{A21F2A9D-C8D1-47EC-82C8-54C8C6CD267C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{05F9CF43-2F67-4E12-B19D-BEAAF907D9CD}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{7F0E67A9-9B70-402E-AC23-B3B6CD6E5872}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{96C6F7E4-B2E5-4E6B-A96E-4119E97EBD3C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{E4BDCD6C-D69C-4A7E-9347-7B69C068F7D2}] => (Allow) LPort=5357
FirewallRules: [{270F64A5-35C8-4D86-B5DE-02E7F5509599}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{CFEE1E82-6D55-4B47-A815-9DF45BAD1EF7}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS2AD3\HPDiagnosticCoreUI.exe
FirewallRules: [{C950AA7F-0149-4354-9A7E-59B4FAC19FF2}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS2AD3\HPDiagnosticCoreUI.exe
FirewallRules: [{F08FA6B0-3C10-4AB4-96A9-44068DF9E461}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS262F\HPDiagnosticCoreUI.exe
FirewallRules: [{15DC979F-AFA5-403C-A985-C2545BEC5FB6}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS262F\HPDiagnosticCoreUI.exe
FirewallRules: [{64C7B04A-736B-4358-8FFE-1CBC203E34EB}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS79FE\HPDiagnosticCoreUI.exe
FirewallRules: [{30AD1A34-7773-4AB0-8E2E-3EBCA44016F2}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS79FE\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{B01F24D5-21C1-4B3B-8CA7-5B1042438B82}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{175315C2-72DF-4873-B57A-7CBC732316F7}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{EDD86D89-E585-4C43-8112-ED030770230A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{4E8EB9EE-71DF-4C89-84ED-0ED83838E5EC}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{04BFAB24-35DF-45E0-98F6-B7E6EEBFA9C1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{D88E0219-CC5D-4241-B80C-ECCEEFBA1AB6}C:\users\dina\documents\kai's stuff\cura for startt\cura for startt.exe] => (Allow) C:\users\dina\documents\kai's stuff\cura for startt\cura for startt.exe
FirewallRules: [UDP Query User{852B966B-014D-4C7C-B63F-D9DBFA6BF074}C:\users\dina\documents\kai's stuff\cura for startt\cura for startt.exe] => (Allow) C:\users\dina\documents\kai's stuff\cura for startt\cura for startt.exe
FirewallRules: [{ED73A26C-1044-401C-B4F6-4ACCD7B628A0}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS224B\HPDiagnosticCoreUI.exe
FirewallRules: [{7516F0C4-423B-487C-BF79-0751BA0401A1}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS224B\HPDiagnosticCoreUI.exe
FirewallRules: [{7108B094-22E5-4ACF-B6E4-B5A86DE7883C}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS2339\HPDiagnosticCoreUI.exe
FirewallRules: [{3917B8F3-CFD0-4416-8F7B-4354C52150DC}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS2339\HPDiagnosticCoreUI.exe
FirewallRules: [{02A59DC3-F30B-45B9-A488-8A468FC14F36}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B46A94DE-7640-4CE7-AE11-DFCAC08C2DC3}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS6D25\HPDiagnosticCoreUI.exe
FirewallRules: [{8A223C5E-C373-4F6F-8307-3B5C2FBA98D6}] => (Allow) C:\Users\Dina\AppData\Local\Temp\7zS6D25\HPDiagnosticCoreUI.exe
 
==================== Restore Points =========================
 
08-07-2017 22:28:53 Scheduled Checkpoint
18-07-2017 13:27:04 Scheduled Checkpoint
27-07-2017 17:11:42 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/28/2017 08:55:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5017016
 
Error: (07/28/2017 08:55:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5017016
 
Error: (07/28/2017 08:55:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/28/2017 07:31:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5125
 
Error: (07/28/2017 07:31:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5125
 
Error: (07/28/2017 07:31:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/28/2017 07:31:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2891
 
Error: (07/28/2017 07:31:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2891
 
Error: (07/28/2017 07:31:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/28/2017 07:31:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1406
 
 
System errors:
=============
Error: (07/28/2017 08:55:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/28/2017 02:26:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/28/2017 11:09:43 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.
 
Error: (07/28/2017 09:10:59 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
 
Error: (07/28/2017 09:07:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/28/2017 09:07:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/27/2017 05:11:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.
 
Error: (07/27/2017 05:01:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.
 
Error: (07/27/2017 03:05:54 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
 
Error: (07/27/2017 03:02:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-4555M APU with Radeon™ HD Graphics 
Percentage of memory in use: 73%
Total physical RAM: 7366.26 MB
Available physical RAM: 1973.16 MB
Total Virtual: 8518.26 MB
Available Virtual: 2425.74 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:678.25 GB) (Free:557.4 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.18 GB) (Free:1.9 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A5D30C92)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 



BC AdBot (Login to Remove)

 


#2 RayS

RayS

  • Malware Study Hall Senior
  • 2,378 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:07 AM

Posted 28 July 2017 - 09:53 PM

Hello AmeliaEar,

My name is Ray and I'll be assisting you with your issue. Please give me a day or two to review your logs and prepare a reply. Since I'm still a trainee, all my posts have to be reviewed by my instructor prior to being posted to make sure that you receive the best assistance possible.

Thank you for your understanding, I'll be with you shortly!

RayS


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#3 AmeliaEar

AmeliaEar
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 28 July 2017 - 10:29 PM

Thank you RayS!  When I posted this I got a "timed out" message three times, so I didn't think this post had actually made it to you.  Look forward to your response.

 

Dina



#4 RayS

RayS

  • Malware Study Hall Senior
  • 2,378 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:07 AM

Posted 29 July 2017 - 12:31 PM

Hello Dina,

 

Welcome to Bleeping Computer.


PC Tools AntiVirus Free 9.1 is retired

The PC Tools AntiVirus Free 9.1 product was retired on May 18, 2013. See this site for more info. I recommend that you uninstall PC Tools AntiVirus Free 9.1 and use the built-in Microsoft Windows Defender as your primary anti-virus tool. If you prefer to use a third-party AV product, both Avast and Panda are well regarded and they both have a free version in addition to their paid version.

If you agree to uninstall PC Tools Antivirus, do the following:

  • Press Windows key + R on your keyboard at the same time.
  • Type appwiz.cpl and press Enter.
  • A list of installed programs will be displayed.
  • Uninstall the following by clicking on the program below (and any other similar names) and selecting Remove or Uninstall.

PC Tools Antivirus

  • Follow the prompts.
  • Reboot your computer

 

 

Do a complete antivirus scan of your PC

  • Please let me know which antivirus product you install (if any) or whether you will use the built-in Microsoft Windows Defender.
  • Do a complete antivirus scan of your system and copy and paste the scan results into your reply. Let me know if you need guidance on how to perform a scan and I will provide it in my next post.

 

 

 

Summary

  • Please tell me whether you deleted PC Tools Antivirus.
  • Tell me which antivirus tool you are now using.
  • Copy and paste the scan result into the body of your reply or ask for guidance.
  • On what date did you first detect a possible malware threat? Other than slow performance, what other symptoms do you see?
  • Give me any other info that you think is relevant.

 

Thank you,

Ray


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#5 AmeliaEar

AmeliaEar
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 30 July 2017 - 07:52 AM

Hi Ray,

 

So I deleted PCTools as you advised, found Windows Defender (which I didn't even realize I had), and ran a full scan.

 

 I tried to copy the scan report and paste it in here using print screen but it didn't work.

 

Basically it said it scanned over 1.16M files and no threats were found and no actions are needed.  It says protections are up to date.  There was no log file or anything.

 

I also ran an "offline scan" for potential viruses that are apparently hard to find.  Same results, no problems.

 

Checked under device health and it also says everything is fine.

 

So why did PC Tools find that virus, and is it there or not?  And is my machine just slow because a lot has been loaded on?

 

Mystified.

 

thanks,

 

Dina



#6 RayS

RayS

  • Malware Study Hall Senior
  • 2,378 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:07 AM

Posted 31 July 2017 - 10:45 AM

Hello Dina,

PC Tools report

It's hard to say whether the report you saw from that out-of-date product was or was not valid. The point is moot now that you are using modern scanners.


Scan results

Your scan results and device checking are all good news. Please tell me which product you used for the "offline scan". I may have an additional product for you.


Slow Computer

Please describe this more fully. For example:

  • Does the computer boot up slowly?
  • Are there particular programs that load slowly? Which ones?
  • Once loaded, do some or all programs run slowly? Which ones?

Firefox is your default browser.

  • Does your Home page come up slowly?
  • Do most other pages launch slowly?
  • When you are browsing the internet and performance lags, is it because of your computer, or is your internet connection slow? In other words, when you click on a link or enter a web address and press Enter, do you see "Waiting for <name of web site>" near the bottom of the browser's window?

 

 

Summary

  • Tell me what offline product you used.
  • What specifically is slow about your computing experience?
  • How is your computer running now?

Regards,

Ray


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#7 AmeliaEar

AmeliaEar
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:07 AM

Posted 31 July 2017 - 10:57 AM

Hi Ray,

 

Thanks for this.

 

1.  I used the offline scan that Windows Defender offers.

2.  The slowness comes and goes. Sometimes startup seems slow.  Sometimes it seems to be related partly to internet - my wireless connection drops occasionally - so programs like Skype seem very slow to load.  The wireless connection thing has been an issue for a while, I've tried various strategies to fix it but with limited success. But also when I'm using Adobe DC Pro, and once in a while in Word, things slow down and I get a "not responding" message for a minute or two while things load or process or what have you.

3.  Computer seems to be working fine now.  Firefox is my default browser but I should probably change that to Chrome, which I tend to use as my basic these days.  

 

So maybe all of this is a non-issue caused by an out of date virus scanner!

 

Thanks

 

Dina



#8 RayS

RayS

  • Malware Study Hall Senior
  • 2,378 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:07 AM

Posted 01 August 2017 - 03:35 PM

Hi Dina,
 
Thank you for the additional info.
 
I noticed that 73% of memory was in use at the time when you performed the scan with FRST. It's not unusual for this number to fluctuate widely, but a sustained rate at that level leads me to wonder what is consuming so much memory.
 
 
Monitor memory usage
 

  • Please press Ctrl + Shift + Esc together to open Windows Task Manager.
  • Click More details in the lower left of the Task Manager window.
  • Click Processes tab.
  • In the View menu item, remove the checkmark from Group by type and click Collapse all.
  • Click the top of the Memory column to sort the display.
  • Tell me the name and the amount of memory (MegaBytes) consumed by the top three users and the percentage of Memory in use (at the top of the column).

Please repeat the steps above several times while doing a variety of your normal tasks especially when your PC is performing slowly. I'd like to see if a pattern emerges to show what's hogging your machine's resources.

 

Summary

 

  • Give me several "snapshots" of memory usage (as described above).
  • How is your PC running now?

 

Thank you,

 

Ray

 


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#9 RayS

RayS

  • Malware Study Hall Senior
  • 2,378 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:07 AM

Posted 05 August 2017 - 01:11 AM

Hi Dina,

3 Day Bump

It has been 3 days since my last post.

  • Do you still need help with this? If not, please let me know as soon as possible. Other people are requesting my help.
  • If you will be away for an extended period, please let me know in advance.
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Thank you,

Ray


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,254 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:12:07 PM

Posted 07 August 2017 - 05:38 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users