TechSpot

All Browsers Run Slow and Freeze Up, Tons of Pop Ups In Chrome

By SeanInTulsa
Sep 11, 2015
  1. I updated to Win 10 from 8.1.1 last Tuesday, and everything was fine. I went through multiple restarts without a problem. I woke up Friday morning and the computer had rebooted.

    Ever since, the internet has been very slow at times, with the same problems in Chrome, Firefox, Edge, and Maxthon:

    * I'll go to type something in the address bar. The old address highlights, but what I type in doesn't show up for 10-15 seconds, and when it does, it's in slow motion.

    * A page will open almost immediately, but it just sits there frozen for up to a minute.

    * This morning, in Chrome only, I started getting popups every time I click on an action button on the page I'm on, like hitting "delete" on an email. It happens even if I go to type something in a response box on the page, like sign-in, etc. I've never seen popups like this before. They're targeted to the page I'm on. When I'm in Yahoo mail, the popups look like they're Yahoo popups. When I'm on a car forum, the popups are for auto parts. When I was on the Comodo site, they're for anti-virus.

    I run Comodo Internet Security. I've scanned with it, and also done a Comodo Cleaning Essentials scan.

    I've run CCleaner and Malwarebytes several times, as well as the ESET Scanner and SuperAnti-Spyware.

    Any help would be appreciated; it is getting worse!

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01
    Ran by Sean (administrator) on OWNER-PC (11-09-2015 19:58:37)
    Running from C:\Users\Sean\Desktop
    Loaded Profiles: Sean (Available Profiles: Sean)
    Platform: Windows 10 Home (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
    (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\spider.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-07-31] (Realtek Semiconductor)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-07] (COMODO)
    HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1404696771\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-09-05] (Oracle Corporation)
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-09-05] (Piriform Ltd)
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\Run: [Google Update] => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-25] (Google Inc.)
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\Run: [OneDrive] => C:\Users\Sean\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-09-01] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2014-04-21]
    ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
    Startup: C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-09]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
    Tcpip\..\Interfaces\{f4393aa7-8666-49cc-99b2-08e1295ea72d}: [NameServer] 156.154.70.22,156.154.71.22
    Tcpip\..\Interfaces\{f4393aa7-8666-49cc-99b2-08e1295ea72d}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-05] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-05] (Oracle Corporation)
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

    FireFox:
    ========
    FF ProfilePath: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\0tthv388.default-1441562848759
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-05] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-05] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-05] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-05] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-08] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-08] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3241552452-1043148222-4198266174-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Sean\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-3241552452-1043148222-4198266174-1001: @talk.google.com/O1DPlugin -> C:\Users\Sean\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-3241552452-1043148222-4198266174-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3241552452-1043148222-4198266174-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-06-26] (Coupons, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Sean\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Sean\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.yahoo.com/
    CHR StartupUrls: Default -> "hxxp://www.yahoo.com/"
    CHR Profile: C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-22]
    CHR Extension: (YouTube) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-22]
    CHR Extension: (Webpage Screenshot) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2015-03-19]
    CHR Extension: (Google Search) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-22]
    CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2015-03-18]
    CHR Extension: (Google Docs Offline) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
    CHR Extension: (Lazarus: Form Recovery) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2015-03-23]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-22]
    CHR Extension: (Khan Academy) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pahdiadnidmaaoohjmlkcjffbfcapgko [2015-02-15]
    CHR Extension: (Gmail) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-22]
    CHR Extension: (kik) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkokbomkgbdkaojembbpmjlgeejgamgi [2015-04-22]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-03-16] (SUPERAntiSpyware.com)
    S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
    R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-07] (COMODO)
    S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-07] (COMODO)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-07-21] (Malwarebytes Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
    R1 BIOS_SMI_DRIVER; C:\Windows\system32\drivers\SMIBIOS64.sys [13912 2013-08-31] ()
    R1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2013-06-13] (BIOSTAR Group)
    R1 BSMEM; C:\Windows\SysWOW64\drivers\BSMEM.sys [17024 2012-07-26] (BIOSTAR Group) [File not signed]
    R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-08-04] (COMODO)
    R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [827632 2015-08-04] (COMODO)
    R1 cmdHlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-04] (COMODO)
    S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
    R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-09-01] (COMODO)
    R3 kglcapow; C:\Users\Sean\AppData\Local\Temp\kglcapow.sys [56496 2015-09-11] (GMER) [File not signed]
    S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-07-21] (Malwarebytes Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-07-21] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-07-21] (Malwarebytes Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
    R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
    R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
     
  2. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-11 19:57 - 2015-09-11 19:57 - 00000000 ____D C:\Users\Sean\Desktop\FRST-OlderVersion
    2015-09-11 19:12 - 2015-09-11 19:12 - 02816040 _____ C:\Users\Sean\Downloads\SecurityTaskManager_Setup_exe
    2015-09-11 18:58 - 2015-09-11 18:58 - 00016148 _____ C:\WINDOWS\system32\OWNER-PC_Sean_HistoryPrediction.bin
    2015-09-11 18:57 - 2015-09-11 18:57 - 638651999 _____ C:\WINDOWS\MEMORY.DMP
    2015-09-11 18:57 - 2015-09-11 18:57 - 00319928 _____ C:\WINDOWS\Minidump\091115-23921-01.dmp
    2015-09-11 18:57 - 2015-09-11 18:57 - 00000000 ____D C:\WINDOWS\Minidump
    2015-09-11 18:54 - 2015-09-11 18:54 - 00380416 _____ C:\Users\Sean\Downloads\30x1hssv.exe
    2015-09-11 18:13 - 2015-09-11 18:13 - 00000386 _____ C:\WINDOWS\PFRO.log
    2015-09-11 18:12 - 2015-09-11 18:12 - 00000000 ____D C:\CCE_Quarantine
    2015-09-11 14:57 - 2015-09-11 14:57 - 00000794 _____ C:\WINDOWS\setupact.log
    2015-09-11 14:57 - 2015-09-11 14:57 - 00000000 _____ C:\WINDOWS\setuperr.log
    2015-09-11 14:18 - 2015-09-11 14:18 - 00000000 ____D C:\Users\Sean\Downloads\cce_2.5.242177.201_x64 (1)
    2015-09-11 14:17 - 2015-09-11 14:17 - 25543261 _____ C:\Users\Sean\Downloads\cce_2.5.242177.201_x64 (1).zip
    2015-09-11 12:35 - 2015-09-11 12:35 - 02870984 _____ (ESET) C:\Users\Sean\Downloads\esetsmartinstaller_enu (1).exe
    2015-09-11 12:34 - 2015-09-11 12:34 - 00000000 _____ C:\Users\Sean\Downloads\esetsmartinstaller_enu_exe.l7o9ats.partial
    2015-09-09 22:16 - 2015-09-09 22:16 - 00007596 _____ C:\Users\Sean\AppData\Local\Resmon.ResmonCfg
    2015-09-09 16:15 - 2015-09-11 19:27 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
    2015-09-09 01:41 - 2015-09-09 01:41 - 00000989 _____ C:\Users\Sean\Desktop\BigPicture - Shortcut.lnk
    2015-09-09 01:26 - 2015-09-09 01:27 - 00000085 _____ C:\WINDOWS\wininit.ini
    2015-09-08 15:41 - 2015-09-08 15:41 - 00002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-09-08 15:41 - 2015-09-08 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-09-08 15:40 - 2015-09-11 19:45 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-09-08 15:40 - 2015-09-11 18:59 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-09-08 15:40 - 2015-09-08 15:40 - 00929360 _____ (Google Inc.) C:\Users\Sean\Downloads\ChromeSetup.exe
    2015-09-08 15:40 - 2015-09-08 15:40 - 00003970 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-09-08 15:40 - 2015-09-08 15:40 - 00003738 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-09-08 15:32 - 2015-09-11 19:09 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ACFEED43-B2E0-4672-B339-7D6941FF0D1A}
    2015-09-08 15:23 - 2015-09-08 15:23 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2015-09-08 15:23 - 2015-09-08 15:23 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2015-09-08 15:23 - 2015-09-08 15:23 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2015-09-08 15:23 - 2015-09-08 15:23 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2015-09-08 15:23 - 2015-09-08 15:23 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2015-09-08 15:23 - 2015-09-08 15:23 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2015-09-08 13:50 - 2015-09-08 13:50 - 00000000 ____D C:\Users\Sean\AppData\Local\CEF
    2015-09-08 13:25 - 2015-09-08 13:26 - 04979171 _____ C:\Users\Sean\Desktop\bookmarks_9_8_15.html
    2015-09-07 09:09 - 2015-09-07 09:09 - 00000000 ____D C:\Users\Sean\Documents\ProcAlyzer Dumps
    2015-09-07 02:44 - 2015-09-07 02:44 - 00000000 ____D C:\Program Files\Common Files\AV
     
  3. SeanInTulsa


    2015-09-07 02:31 - 2015-09-09 01:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-09-07 02:31 - 2015-09-09 01:27 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2015-09-07 02:31 - 2015-09-07 02:31 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
    2015-09-07 02:26 - 2015-09-07 02:28 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Sean\Downloads\spybot-2.4.exe
    2015-09-06 13:43 - 2015-09-06 13:43 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
    2015-09-06 13:43 - 2015-09-06 13:43 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
    2015-09-06 13:19 - 2015-09-06 13:19 - 00000000 ____D C:\Program Files\Reference Assemblies
    2015-09-06 13:19 - 2015-09-06 13:19 - 00000000 ____D C:\Program Files\MSBuild
    2015-09-06 13:19 - 2015-09-06 13:19 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
    2015-09-06 13:19 - 2015-09-06 13:19 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2015-09-06 13:18 - 2015-09-06 13:18 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2015-09-06 13:18 - 2015-09-06 13:18 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2015-09-06 13:18 - 2015-09-06 13:18 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-09-06 13:18 - 2015-09-06 13:18 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-09-06 13:18 - 2015-09-06 13:18 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2015-09-06 13:18 - 2015-09-06 13:18 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2015-09-06 13:08 - 2015-09-06 13:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-09-06 12:57 - 2015-09-06 12:58 - 00700584 _____ C:\Users\Sean\Downloads\Adware_Removal_Tool_by_TSA.exe
    2015-09-06 12:47 - 2015-09-06 12:47 - 00006863 _____ C:\Users\Sean\Desktop\zoek results 2015.09.06.txt
    2015-09-06 12:00 - 2015-09-06 10:44 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
    2015-09-06 10:46 - 2015-03-16 11:48 - 00007128 _____ C:\zoek-results2015-03-16-164851.log
    2015-09-06 10:43 - 2015-09-06 10:44 - 01308672 _____ C:\Users\Sean\Downloads\zoek.exe
    2015-09-06 10:38 - 2015-09-06 10:38 - 00095364 _____ C:\Users\Sean\Downloads\FRST Scan 2015.09.06.txt
    2015-09-06 10:36 - 2015-09-06 10:37 - 00074049 _____ C:\Users\Sean\Downloads\Addition.txt
    2015-09-06 10:35 - 2015-09-06 10:37 - 00095364 _____ C:\Users\Sean\Downloads\FRST.txt
    2015-09-06 10:34 - 2015-09-06 10:34 - 00000000 ____D C:\Users\Sean\Downloads\FRST-OlderVersion
    2015-09-06 10:27 - 2015-09-06 10:34 - 02190336 _____ (Farbar) C:\Users\Sean\Downloads\FRST64.exe
    2015-09-06 10:23 - 2015-09-06 10:24 - 00278831 _____ C:\Users\Sean\Downloads\wireless(1).exe
    2015-09-06 10:21 - 2015-09-06 10:21 - 00031833 _____ C:\Users\Sean\Downloads\MTB.txt
    2015-09-06 10:18 - 2015-09-06 10:19 - 00891392 _____ (Farbar) C:\Users\Sean\Downloads\MiniToolBox.exe
    2015-09-06 09:07 - 2015-09-06 09:15 - 01654272 _____ C:\Users\Sean\Downloads\adwcleaner_5.005.exe
    2015-09-05 15:27 - 2015-09-05 15:27 - 00000000 ____D C:\SUPERDelete
    2015-09-05 15:24 - 2015-09-05 15:26 - 25543261 _____ C:\Users\Sean\Downloads\cce_2_5_242177_201_x64_zip (1)
    2015-09-05 15:23 - 2015-09-05 15:23 - 00000000 _____ C:\Users\Sean\Downloads\cce_2_5_242177_201_x64_zip.5m27mey.partial
    2015-09-05 15:18 - 2015-09-05 15:18 - 02494944 _____ (Trend Micro Inc.) C:\Users\Sean\Downloads\HousecallLauncher64_exe
    2015-09-05 15:17 - 2015-09-05 15:17 - 02494944 _____ (Trend Micro Inc.) C:\Users\Sean\Downloads\HousecallLauncher64(2).exe
    2015-09-05 15:16 - 2015-09-05 15:16 - 02494944 _____ (Trend Micro Inc.) C:\Users\Sean\Downloads\HousecallLauncher64(1).exe
    2015-09-05 08:53 - 2015-09-05 08:53 - 00448512 _____ (OldTimer Tools) C:\Users\Sean\Downloads\TFC (2).exe
    2015-09-05 08:47 - 2015-09-05 08:47 - 00095230 _____ C:\Users\Sean\Desktop\Registry Backup 2015.09.05 - cc_20150905_084635.reg
    2015-09-05 08:42 - 2015-09-05 08:42 - 06667640 _____ (Piriform Ltd) C:\Users\Sean\Downloads\ccsetup509.exe
    2015-09-05 08:24 - 2015-09-05 08:24 - 00000000 ____D C:\Users\Sean\AppData\Roaming\Sun
    2015-09-05 08:24 - 2015-09-05 08:24 - 00000000 ____D C:\Users\Sean\.oracle_jre_usage
    2015-09-05 08:23 - 2015-09-05 08:23 - 00584288 _____ (Oracle Corporation) C:\Users\Sean\Downloads\jxpiinstall(1).exe
    2015-09-05 08:15 - 2015-09-05 08:15 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2015-09-05 08:15 - 2015-09-05 08:15 - 00002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2015-09-05 08:14 - 2015-09-05 08:14 - 00000000 ____D C:\Program Files (x86)\Adobe
    2015-09-05 08:01 - 2015-09-05 08:01 - 04944608 _____ (Advanced Micro Devices, Inc.) C:\Users\Sean\Downloads\autodetectutility.exe
    2015-09-05 07:46 - 2015-09-05 07:46 - 00001081 _____ C:\Users\Sean\Documents\BigPicture - Shortcut.lnk
    2015-09-04 16:14 - 2015-09-04 16:14 - 02446176 _____ (Acro Software Inc. ) C:\Users\Sean\Downloads\CuteWriter (1).exe
    2015-09-04 07:54 - 2015-09-04 07:55 - 04116296 _____ (Google) C:\Users\Sean\Downloads\chrome_cleanup_tool (1).exe
    2015-09-04 07:53 - 2015-09-10 14:23 - 00001170 _____ C:\Users\Sean\Downloads\debug.log
    2015-09-02 19:32 - 2015-09-02 19:32 - 00358253 _____ C:\Users\Sean\Desktop\Understanding Blood Pressure Readings.html
    2015-09-02 19:32 - 2015-09-02 19:32 - 00000000 ____D C:\Users\Sean\Desktop\Understanding Blood Pressure Readings_files
    2015-09-02 13:34 - 2015-09-02 13:34 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2015-09-02 09:45 - 2015-09-02 09:45 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2015-09-02 09:45 - 2015-09-02 09:45 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2015-09-02 09:45 - 2015-09-02 09:45 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2015-09-02 09:45 - 2015-09-02 09:45 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2015-09-02 09:45 - 2015-09-02 09:45 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
    2015-09-02 09:45 - 2015-08-17 23:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
    2015-09-02 09:35 - 2015-09-02 09:35 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2015-09-02 09:35 - 2015-09-02 09:35 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

  4. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    2015-09-02 09:34 - 2015-09-02 09:34 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2015-09-02 09:34 - 2015-09-02 09:34 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll

  5. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    2015-09-02 09:34 - 2015-09-02 09:34 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
    2015-09-01 13:20 - 2015-09-05 08:44 - 00000000 ___DC C:\WINDOWS\Panther
    2015-09-01 13:17 - 2015-09-01 13:17 - 00000000 ____D C:\Windows.old
    2015-09-01 13:16 - 2015-09-01 13:16 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2015-09-01 13:16 - 2015-09-01 13:16 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2015-09-01 13:16 - 2015-09-01 13:16 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2015-09-01 13:16 - 2015-09-01 13:16 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00589312 _____ (Microsoft Corporation)
     
  6. SeanInTulsa

    C:\WINDOWS\SysWOW64\efscore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00058368 _____ (Microsoft Corporation)
     
  7. SeanInTulsa

    C:\WINDOWS\SysWOW64\msiexec.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
    2015-09-01 13:13 - 2015-09-01 13:13 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
    2015-09-01 11:09 - 2015-09-01 11:09 - 00000000 ____D C:\Users\Sean\AppData\Local\MicrosoftEdge
    2015-09-01 11:05 - 2015-09-01 11:05 - 00000000 ____D C:\Users\Sean\AppData\Local\Publishers
    2015-09-01 10:59 - 2015-09-01 10:59 - 42730128 _____ C:\WINDOWS\system32\nvcompiler.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 37748880 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 30518928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 22972560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 18514616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 16159608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 16009800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 15892904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 14510584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 13274560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 12972336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 11842680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 11139216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
    2015-09-01 10:59 - 2015-09-01 10:59 - 03344672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 02955832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 02360976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 02163856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435354.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435354.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 01165192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 01061192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 01052488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00991336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00983368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00976528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00602264 _____ C:\WINDOWS\system32\nvmcumd.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00384464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00374416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00340624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00314936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
    2015-09-01 10:54 - 2015-08-04 19:32 - 00007884 _____ C:\WINDOWS\system32\Drivers\cmdguard.cat
    2015-09-01 10:54 - 2015-08-04 19:32 - 00007471 _____ C:\WINDOWS\system32\Drivers\inspect.cat
    2015-09-01 10:54 - 2015-08-04 19:32 - 00007467 _____ C:\WINDOWS\system32\Drivers\cmdhlp.cat
    2015-09-01 10:53 - 2015-09-01 10:53 - 00002373 _____ C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2015-09-01 10:53 - 2015-09-01 10:53 - 00000000 ___RD C:\Users\Sean\OneDrive
    2015-09-01 10:52 - 2015-09-01 10:52 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2015-09-01 10:50 - 2015-09-01 10:52 - 00000000 ____D C:\Users\Sean\AppData\Local\Comms
    2015-09-01 10:49 - 2015-09-01 10:49 - 00000020 ___SH C:\Users\Sean\ntuser.ini
    2015-09-01 10:49 - 2015-09-01 10:49 - 00000000 ____D C:\Users\Sean\AppData\Local\TileDataLayer
    2015-09-01 10:45 - 2015-09-01 10:45 - 00000000 __SHD C:\Recovery
    2015-09-01 10:43 - 2015-09-01 10:43 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
    2015-09-01 10:42 - 2015-09-11 15:01 - 00877900 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-09-01 10:37 - 2015-07-10 05:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2015-09-01 10:33 - 2015-09-01 10:33 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2015-09-01 10:29 - 2015-09-01 10:29 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2015-09-01 10:28 - 2015-09-11 18:58 - 00000000 ____D C:\Users\Sean
    2015-09-01 10:28 - 2015-09-01 10:49 - 00000000 ___RD C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-01 10:28 - 2015-07-10 06:04 - 00000000 __RSD C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
    2015-09-01 10:28 - 2015-07-10 06:04 - 00000000 ___RD C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-09-01 10:28 - 2015-07-10 06:04 - 00000000 ___RD C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-09-01 10:28 - 2015-07-10 06:04 - 00000000 ____D C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-09-01 10:23 - 2015-09-01 11:00 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2015-09-01 10:23 - 2015-09-01 10:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2015-09-01 10:23 - 2015-09-01 10:29 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2015-09-01 10:23 - 2015-09-01 10:23 - 00000000 ____H C:\ProgramData\DP45977C.lfl
    2015-09-01 10:23 - 2015-09-01 10:23 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2015-09-01 10:23 - 2015-09-01 10:23 - 00000000 ____D C:\WINDOWS\system32\DAX2
    2015-09-01 10:23 - 2015-09-01 10:23 - 00000000 ____D C:\Program Files\Realtek
    2015-09-01 10:22 - 2015-09-01 10:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2015-09-01 10:21 - 2015-09-01 10:22 - 00020981 _____ C:\WINDOWS\system32\NetSetupMig.log
    2015-09-01 10:02 - 2015-09-01 10:45 - 00009528 _____ C:\WINDOWS\diagwrn.xml
    2015-09-01 10:02 - 2015-09-01 10:45 - 00009528 _____ C:\WINDOWS\diagerr.xml
    2015-08-29 07:52 - 2015-09-01 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
    2015-08-29 07:52 - 2015-08-29 07:52 - 00000000 ____D C:\Program Files (x86)\GPLGS
    2015-08-29 07:52 - 2015-08-29 07:52 - 00000000 ____D C:\Program Files (x86)\Acro Software
    2015-08-29 07:52 - 2013-10-23 15:24 - 00087600 _____ C:\WINDOWS\system32\cpwmon64.dll
    2015-08-29 07:51 - 2015-08-29 07:51 - 02446176 _____ (Acro Software Inc. ) C:\Users\Sean\Downloads\CuteWriter.exe
    2015-08-19 05:42 - 2015-08-19 05:42 - 02810448 _____ (Coupons.com Incorporated) C:\Users\Sean\Downloads\CouponPrinter.exe
    2015-08-12 04:21 - 2015-08-12 04:21 - 00000000 ____D C:\Users\Public\Documents\sun
    2015-08-12 04:20 - 2015-09-01 10:34 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
    2015-08-12 04:20 - 2015-08-12 04:20 - 00001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
    2015-08-12 04:17 - 2015-08-12 04:17 - 00000000 ____D C:\Users\Sean\Desktop\OpenOffice 4.1.1 (en-US) Installation Files
    2015-08-12 04:11 - 2015-08-12 04:16 - 140852175 _____ C:\Users\Sean\Desktop\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
    2015-08-12 03:22 - 2015-09-09 01:37 - 00000000 ____D C:\ProgramData\iolo
    2015-08-12 03:22 - 2015-08-12 03:22 - 00000000 ____D C:\Program Files (x86)\iolo

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-11 19:59 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\sru
    2015-09-11 19:58 - 2015-03-16 10:07 - 00018394 _____ C:\Users\Sean\Desktop\FRST.txt
    2015-09-11 19:58 - 2015-03-16 10:06 - 00000000 ____D C:\FRST
    2015-09-11 19:57 - 2015-03-17 11:29 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
    2015-09-11 19:57 - 2015-03-16 10:06 - 02190848 _____ (Farbar) C:\Users\Sean\Desktop\FRST64.exe
    2015-09-11 19:34 - 2014-05-23 00:11 - 06085120 _____ C:\Users\Sean\Documents\BigPicture.xls
    2015-09-11 18:57 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-09-11 18:13 - 2015-07-10 04:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
    2015-09-11 18:13 - 2015-04-20 14:15 - 00010364 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
    2015-09-11 12:24 - 2013-11-19 02:47 - 00000000 ____D C:\Users\Sean\Desktop\Maintenance
    2015-09-11 08:12 - 2014-04-21 13:53 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-09-11 08:07 - 2014-04-21 13:53 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-09-11 07:07 - 2015-02-25 04:18 - 00000870 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001Core.job
    2015-09-11 05:23 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
    2015-09-10 16:49 - 2014-04-22 19:24 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-09-09 01:37 - 2014-08-17 15:37 - 00000000 ____D C:\Program Files (x86)\Java
    2015-09-09 01:36 - 2014-08-17 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-09-09 01:29 - 2015-07-10 07:20 - 00227856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2015-09-09 01:27 - 2015-07-10 08:14 - 00000000 ____D C:\Program Files\Windows Journal
    2015-09-09 01:27 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-09-08 16:12 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-09-08 15:41 - 2014-05-22 11:26 - 00000000 ____D C:\Program Files (x86)\Google
    2015-09-08 13:50 - 2014-06-27 05:13 - 00000000 ____D C:\Users\Sean\AppData\Local\Adobe
    2015-09-08 10:08 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\rescache
    2015-09-06 13:26 - 2014-05-31 12:01 - 00000000 ____D C:\Program Files (x86)\Mozilla
     
  8. SeanInTulsa

    Maintenance Service
    2015-09-06 13:07 - 2015-03-17 14:02 - 00000000 ____D C:\Users\Sean\Desktop\Old Firefox Data
    2015-09-06 12:45 - 2015-03-16 10:44 - 00006863 _____ C:\zoek-results.log
    2015-09-06 11:41 - 2015-03-16 10:42 - 00000000 ____D C:\zoek_backup
    2015-09-06 10:25 - 2014-02-14 02:40 - 00026538 _____ C:\Users\Sean\Downloads\reg.txt
    2015-09-06 09:18 - 2014-05-28 19:07 - 00000000 ____D C:\AdwCleaner
    2015-09-05 15:25 - 2015-03-16 14:58 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2015-09-05 09:44 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Cursors
    2015-09-05 08:43 - 2014-11-29 18:27 - 00000000 ____D C:\Program Files\CCleaner
    2015-09-05 08:24 - 2014-08-17 15:37 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2015-09-05 08:24 - 2014-04-21 18:19 - 00000000 ____D C:\ProgramData\Oracle
    2015-09-05 08:15 - 2015-05-18 07:04 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2015-09-05 08:14 - 2014-04-21 18:17 - 00000000 ____D C:\ProgramData\Adobe
    2015-09-04 15:51 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2015-09-04 15:45 - 2015-06-16 23:04 - 00000000 ____D C:\Users\Sean\Desktop\Reciprosity
    2015-09-04 07:53 - 2014-05-22 11:26 - 00000000 ____D C:\Users\Sean\AppData\Local\Google
    2015-09-04 03:31 - 2015-07-10 06:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-04 03:31 - 2015-07-10 06:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-04 03:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2015-09-04 03:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\oobe
    2015-09-04 03:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Provisioning
    2015-09-03 06:52 - 2015-01-30 12:27 - 00579408 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
    2015-09-03 06:52 - 2015-01-30 12:27 - 00445472 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
    2015-09-02 09:35 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\restore
    2015-09-02 09:31 - 2015-07-10 06:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-09-02 09:31 - 2015-07-10 06:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-09-02 03:49 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\appcompat
    2015-09-01 13:19 - 2015-07-10 06:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2015-09-01 13:17 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
    2015-09-01 13:17 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2015-09-01 13:17 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
    2015-09-01 13:17 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\system32\Dism
    2015-09-01 13:12 - 2015-07-10 06:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-01 13:12 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\setup
    2015-09-01 13:12 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
    2015-09-01 11:14 - 2014-04-21 13:28 - 00000000 ____D C:\Users\Sean\AppData\Local\Packages
    2015-09-01 11:01 - 2014-04-21 13:36 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-09-01 11:00 - 2014-04-21 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2015-09-01 10:59 - 2015-07-23 04:02 - 00031976 _____ C:\WINDOWS\system32\nvinfo.pb
    2015-09-01 10:54 - 2015-08-07 19:59 - 00127232 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
    2015-09-01 10:50 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
    2015-09-01 10:50 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
    2015-09-01 10:50 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\MiracastView
    2015-09-01 10:50 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2015-09-01 10:44 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Registration
    2015-09-01 10:43 - 2015-03-17 19:06 - 00003690 _____ C:\WINDOWS\System32\Tasks\Maxthon Update
    2015-09-01 10:43 - 2015-02-25 04:18 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001UA
    2015-09-01 10:43 - 2015-02-25 04:18 - 00003596 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001Core
    2015-09-01 10:43 - 2014-11-29 18:27 - 00002880 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
    2015-09-01 10:43 - 2014-05-24 08:41 - 00003270 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
    2015-09-01 10:43 - 2014-05-24 08:41 - 00003244 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
    2015-09-01 10:43 - 2014-05-24 08:41 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
    2015-09-01 10:43 - 2014-05-24 08:41 - 00003214 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
    2015-09-01 10:43 - 2014-05-24 08:41 - 00003212 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
    2015-09-01 10:43 - 2014-04-22 19:28 - 00003138 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
    2015-09-01 10:43 - 2014-04-21 13:34 - 00003708 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3241552452-1043148222-4198266174-1001
    2015-09-01 10:41 - 2015-07-10 06:04 - 00000000 __RHD C:\Users\Public\Libraries
    2015-09-01 10:34 - 2015-07-10 04:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
    2015-09-01 10:34 - 2015-05-13 02:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BovadaPoker
    2015-09-01 10:34 - 2015-03-17 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
    2015-09-01 10:34 - 2015-03-16 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2015-09-01 10:34 - 2015-03-09 12:05 - 00000000 ____D C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-09-01 10:34 - 2014-12-15 04:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Favorite-Games
    2015-09-01 10:34 - 2014-11-29 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-09-01 10:34 - 2014-09-04 01:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-09-01 10:34 - 2014-07-06 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
    2015-09-01 10:34 - 2014-05-24 08:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
    2015-09-01 10:34 - 2014-05-15 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KODAK
    2015-09-01 10:34 - 2014-05-15 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\palmOne
    2015-09-01 10:34 - 2014-04-22 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-09-01 10:34 - 2014-04-21 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    2015-09-01 10:33 - 2013-08-22 08:36 - 00000000 ____D C:\Users\Default.migrated
    2015-09-01 10:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\spool
    2015-09-01 10:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
    2015-09-01 10:31 - 2014-04-21 18:16 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
    2015-09-01 10:31 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
    2015-09-01 10:31 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
    2015-09-01 10:30 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\InputMethod
    2015-09-01 10:30 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Help
    2015-09-01 10:30 - 2015-03-17 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
    2015-09-01 10:30 - 2014-04-21 17:45 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
    2015-09-01 10:30 - 2014-04-21 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
    2015-09-01 10:30 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\MediaViewer
    2015-09-01 10:30 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\ADFS
    2015-09-01 10:29 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
    2015-09-01 10:29 - 2015-07-10 06:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2015-09-01 10:28 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
    2015-09-01 10:21 - 2015-07-10 04:05 - 00000000 __RHD C:\Users\Default
    2015-09-01 10:02 - 2015-07-10 08:39 - 00000000 ___HD C:\$Windows.~BT
    2015-09-01 04:11 - 2015-06-22 01:53 - 00000440 _____ C:\Users\Sean\Documents\spider.sav
    2015-08-28 21:36 - 2015-02-25 04:18 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001UA.job
    2015-08-28 16:10 - 2014-05-01 19:57 - 00587776 ___SH C:\Users\Sean\Desktop\Thumbs.db
    2015-08-14 15:03 - 2014-09-04 01:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2015-08-14 15:03 - 2014-09-04 01:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2015-08-12 04:20 - 2014-05-22 11:49 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4

    ==================== Files in the root of some directories =======

    2014-11-29 22:00 - 2015-07-21 22:25 - 0000000 _____ () C:\Users\Sean\AppData\Local\ars.cache
    2014-11-29 22:00 - 2015-07-21 22:27 - 2504317 _____ () C:\Users\Sean\AppData\Local\census.cache
    2014-11-29 19:02 - 2014-11-29 19:02 - 0000036 _____ () C:\Users\Sean\AppData\Local\housecall.guid.cache
    2015-09-09 22:16 - 2015-09-09 22:16 - 0007596 _____ () C:\Users\Sean\AppData\Local\Resmon.ResmonCfg
    2014-11-29 19:06 - 2015-07-21 18:55 - 0000010 _____ () C:\Users\Sean\AppData\Local\sponge.last.runtime.cache
    2015-09-01 10:23 - 2015-09-01 10:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-09-11 11:53

    ==================== End of FRST.txt ============================
     
  9. SeanInTulsa

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
    Ran by Sean (2015-09-11 20:19:34)
    Running from C:\Users\Sean\Desktop
    Windows 10 Home (X64) (2015-09-01 15:49:47)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3241552452-1043148222-4198266174-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3241552452-1043148222-4198266174-503 - Limited - Disabled)
    Guest (S-1-5-21-3241552452-1043148222-4198266174-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3241552452-1043148222-4198266174-1003 - Limited - Enabled)
    Sean (S-1-5-21-3241552452-1043148222-4198266174-1001 - Administrator - Enabled) => C:\Users\Sean

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
    AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
    Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
    AMD Catalyst Install Manager (HKLM\...\{A731A859-7426-DEB6-80A3-E6A2508DC85A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
    Anki (HKLM-x32\...\Anki) (Version: - )
    AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
    Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
    BovadaPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
    COMODO Internet Security Premium (HKLM\...\{68BE8BAB-5375-4C99-9116-1808F5968D40}) (Version: 8.1.0.4426 - COMODO Security Solutions Inc.)
    CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
    Dropbox (HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    Favorite-Games 5.22 (HKLM-x32\...\Favorite-Games_is1) (Version: - Favorite-Games 2001-2013 ©)
    GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.60.0000 - GIGABYTE Technology Co.,Ltd.)
    GIGABYTE OC_GURU II (x32 Version: 1.60.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
    Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
    Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
    Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
    KODAK Share Button App (HKLM-x32\...\{F5930CDE-2FF5-4A8D-9DBD-3177C816D4A9}) (Version: 4.05.0000.0000 - Eastman Kodak Company)
    Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
    Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.4.3000 - Maxthon International Limited)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
    NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
    NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
    NVIDIA Miracast Virtual Audio 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.75 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
    palmOne (HKLM-x32\...\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}) (Version: 4.1.0420 - palmOne, Inc.)
    QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
    Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
    SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
    SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
    Samsung PC Studio 3 USB Driver Installer (HKLM-x32\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
    SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Temperature Monitor (HKLM-x32\...\{6642BF47-D82A-447B-90E7-658FA865AFD7}) (Version: - )
    Tseries BIOS Update (HKLM-x32\...\{E8626A59-FD0E-449C-A23A-C52FC0733629}) (Version: - )
    Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (HKLM\...\3D970B9F930E7AAE23C06D39A1AC98548C90B442) (Version: 01/29/2010 1.4.1.0 - Eastman Kodak)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    02-09-2015 09:35:27 Windows Update
    02-09-2015 09:36:08 Windows Update
    06-09-2015 10:46:04 zoek.exe restore point
    08-09-2015 10:45:55 Windows Modules Installer

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 08:25 - 2015-09-06 10:47 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
    Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
    Task: {156021EF-1826-4D3B-B4EB-B9927A8672E8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001UA => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-25] (Google Inc.)
    Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
    Task: {25084441-C4F9-4F2E-AC44-6535AE3D6F7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {26352CF2-E2B3-4CC6-B940-F7DF2B200AF9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {27E64EF6-8B29-486A-B1DD-70FB29DA38C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
    Task: {2F8B9962-108D-4E19-803B-6CA0836A125A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {34842A40-4042-4B51-8A01-F90FD36DF44A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
    Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
    Task: {45E57331-A70A-4DAD-826C-ABCD4D1BF104} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-05] (Piriform Ltd)
    Task: {4A6E10F0-9097-48F7-BB24-FF2D75D1B2B1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-15] (Adobe Systems Incorporated)
    Task: {51996DCF-7925-45CC-8AFF-0298CE92B196} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)
    Task: {63299786-983C-4780-906B-C247B541517C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {66FDE4FC-C057-41E4-8E50-FA3E1DD8E32C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001Core => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-25] (Google Inc.)
    Task: {6B185EE9-A320-4E73-94BF-524E8D6BE1DE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {6F8ACA14-CE61-4B5E-8D79-34D1379D23AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
    Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
    Task: {74077514-9C8F-4C0A-B5F0-76FAABD51E26} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {74E8EBF4-4F47-42F4-B87B-006CC5913BAD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)
    Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
    Task: {7B48077C-71A9-485F-8CB5-39896F65265B} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2015-07-15] (Maxthon International ltd.)
    Task: {88509F51-4B08-453F-B23B-ED80F2E96D43} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-09-01] (Microsoft Corporation)
    Task: {98B4436C-94CB-411C-B6A9-767DFA35091A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {9DDE1CB6-BB0F-4E52-B04D-72B1B14C6196} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-07] (COMODO)
    Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
    Task: {A7A0C86F-3AF7-4335-B616-E8D1442D4FD9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-09-11] (Microsoft Corporation)
    Task: {C326F8D3-D767-4764-AB2B-73224E5F7C55} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {C36ACC15-5360-400C-84BB-F61EB8350C09} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {C39C0657-6AE8-4BD4-A865-2D6A1998AE7A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-07] (COMODO)
    Task: {C3A47CA8-4E17-4F90-9DB8-ADEDDAFB73EB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
    Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
    Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
    Task: {D16D5D78-2A8C-4C22-A500-4C7A9E3C44A7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {D5B8423C-B5E6-40EC-98D8-2FF4D44361DE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {E30091F6-D19E-4357-A70E-5F1F05764068} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)
    Task: {E81ACDC6-0059-4355-AACD-48462B712D07} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {EDCAE232-0AC7-4834-9F7E-18466F00D7A5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {FCCDF9C9-B3D3-4D50-B280-FC94135184C4} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)
    Task: {FE786032-4C51-4007-B99C-C9453955768B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001Core.job => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001UA.job => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2015-09-01 13:16 - 2015-09-01 13:16 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
    2014-04-21 13:35 - 2015-07-13 12:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-08-29 07:52 - 2013-10-23 15:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2015-07-10 05:59 - 2015-07-10 05:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2015-07-10 06:00 - 2015-07-10 08:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2013-04-15 17:39 - 2015-01-08 17:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
     
  10. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 156.154.70.22 - 156.154.71.22
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\StartupFolder: => "HotSync Manager.lnk"
    HKLM\...\StartupApproved\Run: => "ShadowPlay"
    HKLM\...\StartupApproved\Run: => "NvBackend"
    HKLM\...\StartupApproved\Run32: => "Adobe ARM"
    HKLM\...\StartupApproved\Run32: => "HostManager"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4C759CBE76051A54F37D4E70F0F48AE0"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\Run: => "Google Update"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{0CC7380D-42A3-4F6F-B72C-30C8B37AA67C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
    FirewallRules: [{B998D10F-858E-43D0-9A0E-49D866C5955D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
    FirewallRules: [{C884125D-4EEA-4065-9A75-467D11C30C2C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
    FirewallRules: [{76A3519A-AA3D-455E-881D-8832B99A5C84}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
    FirewallRules: [{DC082DA4-E88F-49F1-9F01-40D2E1703E43}] => (Allow) C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{88A2E9F7-B26F-4230-ADC8-0C9B7FBDD1A8}] => (Allow) C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{73D8BAFC-A5F4-41C5-BC2B-98AEC25A957A}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\aolbrowser.exe
    FirewallRules: [{12B31E19-2714-4490-B4BC-1DE1C981F4F6}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\aolbrowser.exe
    FirewallRules: [{011157BC-FFD8-42B6-8E36-5C9964790388}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{FF6452B7-7B13-4EF6-A229-9D9454619CC2}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{C8B59CA6-6CA8-4696-BB49-061CE1941A14}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{5EDFD783-730B-43AE-B711-EAB1B1F7F146}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{94AAA43C-0AA3-4C2F-AD13-39F32A024A5B}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{727DBB22-452D-4082-9A46-594FA52070EF}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{95D8A61F-14F5-41B8-9431-8D72EFC69D79}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
    FirewallRules: [{B3831639-C8F2-4ABA-B2D3-EE857E0D0214}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
    FirewallRules: [{6B4E3484-D769-458F-804B-3554C3AAEE88}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1404696771\ee\aolsoftware.exe
    FirewallRules: [{A96902C5-C881-46E2-9EDE-EA5E5D756EDF}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1404696771\ee\aolsoftware.exe
    FirewallRules: [{403E0155-108C-4382-8FA1-5E234640EFD6}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{1D1447AC-5C19-4F35-969B-1F4568909CDB}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{F080FEE9-4A27-4DCE-A35E-F96FCB031627}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{DB8B5D76-0E92-4A61-96A6-3C43F0AD8EA2}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{8EF41A7A-604D-4B95-A8BB-2A1009128AF4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
    FirewallRules: [{AD989AD0-0B84-4917-9E1E-DCD225F4DE63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{081BCE1B-8F0A-468E-B1B4-4F3842023CD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{25555285-34A3-473A-A08C-F585FD5079FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{BCDAEBCE-79AA-4071-8C5E-2955AD5B7CC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{292A2F33-82AC-46E6-A06F-ADA08C871023}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{763FC454-C9A9-4A14-A5B0-9F670C7407E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{EF8C6F70-58F0-4BB7-8BC4-DC4C61C3B4E0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{E20E4464-9338-478F-B101-8C0DBB92C973}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{0B27440D-CB6D-4B99-8939-41303972768F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/11/2015 12:35:34 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

    Error: (09/11/2015 12:35:31 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

    Error: (09/11/2015 12:35:26 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

    Error: (09/09/2015 09:34:37 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=45.0.2454.85;lang=;guid=015427DD278D406BAB85BDA0FFE31A65;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\b991f5c1-d34f-42ee-b324-c62aec4d882a.dmp

    Error: (09/09/2015 12:55:41 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

    Details:
    The content index catalog is corrupt. 0xc0041801 (0xc0041801)

    Error: (09/09/2015 12:55:39 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
    Description: The search service has detected corrupted data files in the index {id=4810 - base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayerpages.h (425)}. The service will attempt to automatically correct this problem by rebuilding the index.

    Details:
    The data is invalid. 0x8007000d (0x8007000d)

    Error: (09/09/2015 12:55:39 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
    Description: The search service has detected corrupted data files in the index {id=4810 - base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayerpages.h (425)}. The service will attempt to automatically correct this problem by rebuilding the index.

    The data is invalid. 0x8007000d (0x8007000d)

    Error: (09/09/2015 10:00:01 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=45.0.2454.85;lang=;guid=015427DD278D406BAB85BDA0FFE31A65;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\86e47d01-68f7-4659-9ab6-a07a89edad10.dmp

    Error: (09/09/2015 01:28:02 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
    Description: NvStreamSvcCan continue stopping. [18]

    Error: (09/08/2015 03:35:29 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
    Description: NvStreamSvcCan continue stopping. [18]


    System errors:
    =============
    Error: (09/11/2015 06:57:47 PM) (Source: BugCheck) (EventID: 1001) (User: )
    Description: 0x000000be (0xfffff9616f340000, 0x8030000112295001, 0xffffd00020248131, 0x000000000000000b)C:\WINDOWS\MEMORY.DMP091115-23921-01

    Error: (09/11/2015 06:57:47 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 6:53:55 PM on ‎9/‎11/‎2015 was unexpected.

    Error: (09/11/2015 06:22:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (09/11/2015 06:22:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (09/11/2015 06:22:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (09/11/2015 06:22:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (09/11/2015 06:22:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (09/11/2015 06:22:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (09/11/2015 06:22:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (09/11/2015 06:22:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


    Microsoft Office:
    =========================
    Error: (09/11/2015 12:35:34 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu (1).exe

    Error: (09/11/2015 12:35:31 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu (1).exe

    Error: (09/11/2015 12:35:26 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestc:\users\sean\downloads\esetsmartinstaller_enu (1).exe

    Error: (09/09/2015 09:34:37 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=45.0.2454.85;lang=;guid=015427DD278D406BAB85BDA0FFE31A65;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\b991f5c1-d34f-42ee-b324-c62aec4d882a.dmp

    Error: (09/09/2015 12:55:41 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: Details:
    The content index catalog is corrupt. 0xc0041801 (0xc0041801)
    The catalog is corrupt

    Error: (09/09/2015 12:55:39 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
    Description: Details:
    The data is invalid. 0x8007000d (0x8007000d)
    4810 - base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayerpages.h (425)

    Error: (09/09/2015 12:55:39 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
    Description: The data is invalid. 0x8007000d (0x8007000d)
    4810 - base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayerpages.h (425)

    Error: (09/09/2015 10:00:01 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=45.0.2454.85;lang=;guid=015427DD278D406BAB85BDA0FFE31A65;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\86e47d01-68f7-4659-9ab6-a07a89edad10.dmp

    Error: (09/09/2015 01:28:02 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
    Description: NvStreamSvcCan continue stopping. [18]

    Error: (09/08/2015 03:35:29 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
    Description: NvStreamSvcCan continue stopping. [18]


    CodeIntegrity:
    ===================================
    Date: 2015-09-11 20:18:56.865
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-11 19:57:31.540
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-11 19:13:07.324
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-11 18:58:39.641
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-11 18:42:28.229
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-11 18:14:36.562
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-11 18:12:16.748
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-11 16:41:44.963
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-11 15:12:20.627
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-11 14:57:42.999
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: AMD FX(tm)-6300 Six-Core Processor
    Percentage of memory in use: 25%
    Total physical RAM: 8168.68 MB
    Available physical RAM: 6047.87 MB
    Total Virtual: 9448.68 MB
    Available Virtual: 6793.6 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:930.73 GB) (Free:804.31 GB) NTFS
    Drive d: () (Fixed) (Total:465.75 GB) (Free:465.55 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 632ADF5D)
    Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

    ========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 22EE22EE)
    Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  11. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ======================================

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.
    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    If you already have MBAM 2.0 installed:
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    How to get logs:
    (Export log to save as txt)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.
    (Copy to clipboard for pasting into forum replies or tickets)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.

    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  12. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    RogueKiller V10.10.4.0 [Sep 4 2015] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/software/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 10 (10.0.10240) 64 bits version
    Started in : Normal mode
    User : Sean [Administrator]
    Started from : C:\Users\Sean\Downloads\RogueKiller.exe
    Mode : Scan -- Date : 09/12/2015 07:03:38

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 0 ¤¤¤

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ Hosts File : 1 ¤¤¤
    [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

    ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: ST1000DM003-1CH162 ATA Device +++++
    --- User ---
    [MBR] 658a2ae49a5a5228a1a2c6e1c6dc0e02
    [BSP] 39ff667604728442e4aa858c8bd0ed11 : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 953067 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1952600064 | Size: 450 MB
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: Hitachi HDP725050GLA360 ATA Device +++++
    --- User ---
    [MBR] 0b222fa93c8a0c27154015ffdc58742e
    [BSP] 7061373bc53538337923a2a9bddbf156 : Windows XP|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476929 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive2: Generic- SD/MMC USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive3: Generic- Compact Flash USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive4: Generic- SM/xD-Picture USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive5: Generic- MS/MS-Pro USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )
     
  13. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 9/12/2015
    Scan Time: 7:09 AM
    Logfile: MalwareBytes Scan 2015.09.12.txt
    Administrator: Yes

    Version: 2.1.8.1057
    Malware Database: v2015.09.12.02
    Rootkit Database: v2015.08.16.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: Sean

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 366972
    Time Elapsed: 15 min, 19 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 2
    PUP.Optional.PricePeep, C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage, Quarantined, [ec16220dd8b38caa2524b8f3ef1529d7],
    PUP.Optional.PricePeep, C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal, Quarantined, [15ed220dddae42f43811eac1c242f20e],

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  14. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    # AdwCleaner v5.007 - Logfile created 12/09/2015 at 07:46:08
    # Updated 08/09/2015 by Xplode
    # Database : 2015-09-10.1 [Server]
    # Operating system : Windows 10 Home (x64)
    # Username : Sean - OWNER-PC
    # Running from : C:\Users\Sean\Downloads\adwcleaner_5.007.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****

    [-] Folder Deleted : C:\ProgramData\{C585085B-79A8-423C-B04B-77DD30E9C195}

    ***** [ Files ] *****

    [-] File Deleted : C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
    [-] File Deleted : C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
    [-] File Deleted : C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
    [-] File Deleted : C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal

    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

    ***** [ Web browsers ] *****

    [-] [C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
    [-] [C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.aol.com
    [-] [C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
    [-] [C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : easyscan.en.softonic.com

    *************************

    :: Winsock settings cleared

    ########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [1858 bytes] ##########
     
  15. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 7.6.1 (09.08.2015:1)
    OS: Windows 10 Home x64
    Ran by Sean on Sat 09/12/2015 at 7:54:50.60
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Tasks



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders



    ~~~ Chrome


    [C:\Users\Sean\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

    [C:\Users\Sean\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

    [C:\Users\Sean\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

    [C:\Users\Sean\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
    []





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sat 09/12/2015 at 8:16:18.75
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  16. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    Problems still persist, although I've noticed differences between the various browsers I use.

    Google Chrome is my default browser. It is the only one that the pop ups come up on. It also runs very slow, as I initially described.

    Microsoft Edge probably runs the slowest of all, and freezes up the most.

    Firefox is better, but still has those problems.

    Maxthon appears relatively unaffected. I'm going to get some tabs open and see what happens; the other browsers all got worse as more tabs were opened.
     
  17. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Re-run the Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double-click to run it. When the tool opens, click Yes to the disclaimer.
    • Make sure you checkmark the Addition.txt box.
    • Press the Scan button.
    • The scan will create two logs, FRST.txt and Addition.txt, in the same directory the tool is run from. Please copy and paste them into your reply.
     
  18. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    I think I found the popup problem. I was looking in the Chrome forums, and someone described getting popups, as I was.

    The solution to their problem was an extension. I checked mine, and I had 4 running: Google Docs Offline, Lazarus Form Recovery, Mighty Text, and Webpage Screenshot 14.5.1.

    Under Webpage Screenshot, it said "This extension violates the Google Web Store policy".

    I disabled all the extensions, and the popups quit immediately. I then went through and re-enabled them, one-by-one, surfing the web after each to see if the popups showed back up. They haven't, and it's been hours.

    I did not re-enable Webpage Screenshots. I looked it up, and it appears legit:

    http://www.crx4chrome.com/extensions/ckibcdccnfeookdmbahgiakhnjcddpki/

    Still, I don't want to mess with success.

    I'm still having the problem with the web being very slow. The longer the computer runs, the slower it goes. I've been up and running for over 6 hours. When I opened a tab to search for the webpage screenshot, all I got was a white page for several minutes. I clicked on another tab, but nothing happened for a good minute. When it switched to that tab, the page was frozen for a good minute. When I got back to the tab I'd opened to search, I typed in "webpage screenshot 14.5.1", but it was a good 30 seconds before the letters I'd typed began to slowly appear.

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01
    Ran by Sean (administrator) on OWNER-PC (12-09-2015 16:47:16)
    Running from C:\Users\Sean\Desktop
    Loaded Profiles: Sean (Available Profiles: Sean)
    Platform: Windows 10 Home (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
    (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\spider.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-07-31] (Realtek Semiconductor)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-07] (COMODO)
    HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1404696771\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-09-05] (Oracle Corporation)
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-09-05] (Piriform Ltd)
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\Run: [Google Update] => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-25] (Google Inc.)
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\Run: [OneDrive] => C:\Users\Sean\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-09-01] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2014-04-21]
    ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
    Startup: C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-09]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
    Tcpip\..\Interfaces\{f4393aa7-8666-49cc-99b2-08e1295ea72d}: [NameServer] 156.154.70.22,156.154.71.22
    Tcpip\..\Interfaces\{f4393aa7-8666-49cc-99b2-08e1295ea72d}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-05] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-05] (Oracle Corporation)
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

    FireFox:
    ========
    FF ProfilePath: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\0tthv388.default-1441562848759
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-05] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-05] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-05] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-05] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-08] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-08] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3241552452-1043148222-4198266174-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Sean\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-3241552452-1043148222-4198266174-1001: @talk.google.com/O1DPlugin -> C:\Users\Sean\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-3241552452-1043148222-4198266174-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3241552452-1043148222-4198266174-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-06-26] (Coupons, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Sean\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Sean\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
     
  19. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.yahoo.com/
    CHR StartupUrls: Default -> "hxxp://www.yahoo.com/"
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-22]
    CHR Extension: (YouTube) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-22]
    CHR Extension: (Webpage Screenshot) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2015-03-19]
    CHR Extension: (Google Search) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-22]
    CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2015-03-18]
    CHR Extension: (Google Docs Offline) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
    CHR Extension: (Lazarus: Form Recovery) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2015-03-23]
    CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2015-09-12]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-22]
    CHR Extension: (Khan Academy) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pahdiadnidmaaoohjmlkcjffbfcapgko [2015-02-15]
    CHR Extension: (Gmail) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-22]
    CHR Extension: (kik) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkokbomkgbdkaojembbpmjlgeejgamgi [2015-04-22]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-03-16] (SUPERAntiSpyware.com)
    S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
    R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-07] (COMODO)
    S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-07] (COMODO)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-07-21] (Malwarebytes Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
    R1 BIOS_SMI_DRIVER; C:\Windows\system32\drivers\SMIBIOS64.sys [13912 2013-08-31] ()
    R1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2013-06-13] (BIOSTAR Group)
    R1 BSMEM; C:\Windows\SysWOW64\drivers\BSMEM.sys [17024 2012-07-26] (BIOSTAR Group) [File not signed]
    R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-08-04] (COMODO)
    R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [827632 2015-08-04] (COMODO)
    R1 cmdHlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-04] (COMODO)
    S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
    R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-09-01] (COMODO)
    S3 kglcapow; C:\Users\Sean\AppData\Local\Temp\kglcapow.sys [56496 2015-09-11] (GMER) [File not signed]
    S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-07-21] (Malwarebytes Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-07-21] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-07-21] (Malwarebytes Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-09-12] ()
    S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
    R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
    R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-12 16:44 - 2015-09-12 16:44 - 00016148 _____ C:\WINDOWS\system32\OWNER-PC_Sean_HistoryPrediction.bin
    2015-09-12 08:16 - 2015-09-12 08:16 - 00001059 _____ C:\Users\Sean\Desktop\JRT.txt
    2015-09-12 07:53 - 2015-09-12 07:53 - 01800104 _____ (Malwarebytes Corporation) C:\Users\Sean\Downloads\JRT.exe
    2015-09-12 07:44 - 2015-09-12 07:44 - 01660416 _____ C:\Users\Sean\Downloads\adwcleaner_5.007.exe
    2015-09-12 07:39 - 2015-09-12 07:39 - 00001446 _____ C:\Users\Sean\Desktop\MalwareBytes Scan 2015.09.12.txt
    2015-09-12 07:06 - 2015-09-12 07:06 - 00005176 _____ C:\Users\Sean\Desktop\RogueKiller Scan 2015.08.12 - rk_3E98.tmp.txt
    2015-09-12 06:53 - 2015-09-12 07:07 - 00000000 ____D C:\ProgramData\RogueKiller
    2015-09-12 06:53 - 2015-09-12 06:53 - 00035064 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2015-09-12 06:52 - 2015-09-12 06:52 - 18779208 _____ C:\Users\Sean\Downloads\RogueKiller.exe
    2015-09-11 19:57 - 2015-09-11 19:57 - 00000000 ____D C:\Users\Sean\Desktop\FRST-OlderVersion
    2015-09-11 19:12 - 2015-09-11 19:12 - 02816040 _____ C:\Users\Sean\Downloads\SecurityTaskManager_Setup_exe
    2015-09-11 18:57 - 2015-09-11 18:57 - 638651999 _____ C:\WINDOWS\MEMORY.DMP
    2015-09-11 18:57 - 2015-09-11 18:57 - 00319928 _____ C:\WINDOWS\Minidump\091115-23921-01.dmp
    2015-09-11 18:57 - 2015-09-11 18:57 - 00000000 ____D C:\WINDOWS\Minidump
    2015-09-11 18:54 - 2015-09-11 18:54 - 00380416 _____ C:\Users\Sean\Downloads\30x1hssv.exe
    2015-09-11 18:13 - 2015-09-11 18:13 - 00000386 _____ C:\WINDOWS\PFRO.log
    2015-09-11 18:12 - 2015-09-11 18:12 - 00000000 ____D C:\CCE_Quarantine
    2015-09-11 14:57 - 2015-09-11 14:57 - 00000794 _____ C:\WINDOWS\setupact.log
    2015-09-11 14:57 - 2015-09-11 14:57 - 00000000 _____ C:\WINDOWS\setuperr.log
    2015-09-11 14:18 - 2015-09-11 14:18 - 00000000 ____D C:\Users\Sean\Downloads\cce_2.5.242177.201_x64 (1)
    2015-09-11 14:17 - 2015-09-11 14:17 - 25543261 _____ C:\Users\Sean\Downloads\cce_2.5.242177.201_x64 (1).zip
    2015-09-11 12:35 - 2015-09-11 12:35 - 02870984 _____ (ESET) C:\Users\Sean\Downloads\esetsmartinstaller_enu (1).exe
    2015-09-11 12:34 - 2015-09-11 12:34 - 00000000 _____ C:\Users\Sean\Downloads\esetsmartinstaller_enu_exe.l7o9ats.partial
    2015-09-09 22:16 - 2015-09-09 22:16 - 00007596 _____ C:\Users\Sean\AppData\Local\Resmon.ResmonCfg
    2015-09-09 16:15 - 2015-09-12 16:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
    2015-09-09 01:41 - 2015-09-09 01:41 - 00000989 _____ C:\Users\Sean\Desktop\BigPicture - Shortcut.lnk
    2015-09-09 01:26 - 2015-09-09 01:27 - 00000085 _____ C:\WINDOWS\wininit.ini
    2015-09-08 15:41 - 2015-09-08 15:41 - 00002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-09-08 15:41 - 2015-09-08 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-09-08 15:40 - 2015-09-12 16:45 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-09-08 15:40 - 2015-09-12 15:45 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-09-08 15:40 - 2015-09-08 15:40 - 00929360 _____ (Google Inc.) C:\Users\Sean\Downloads\ChromeSetup.exe
    2015-09-08 15:40 - 2015-09-08 15:40 - 00003970 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-09-08 15:40 - 2015-09-08 15:40 - 00003738 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-09-08 15:32 - 2015-09-12 11:51 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ACFEED43-B2E0-4672-B339-7D6941FF0D1A}
    2015-09-08 15:23 - 2015-09-08 15:23 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2015-09-08 15:23 - 2015-09-08 15:23 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2015-09-08 15:23 - 2015-09-08 15:23 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2015-09-08 15:23 - 2015-09-08 15:23 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2015-09-08 15:23 - 2015-09-08 15:23 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2015-09-08 15:23 - 2015-09-08 15:23 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2015-09-08 15:23 - 2015-09-08 15:23 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2015-09-08 13:50 - 2015-09-08 13:50 - 00000000 ____D C:\Users\Sean\AppData\Local\CEF
    2015-09-08 13:25 - 2015-09-08 13:26 - 04979171 _____ C:\Users\Sean\Desktop\bookmarks_9_8_15.html
    2015-09-07 09:09 - 2015-09-07 09:09 - 00000000 ____D C:\Users\Sean\Documents\ProcAlyzer Dumps
    2015-09-07 02:44 - 2015-09-07 02:44 - 00000000 ____D C:\Program Files\Common Files\AV
    2015-09-07 02:31 - 2015-09-09 01:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-09-07 02:31 - 2015-09-09 01:27 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2015-09-07 02:31 - 2015-09-07 02:31 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
    2015-09-07 02:26 - 2015-09-07 02:28 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Sean\Downloads\spybot-2.4.exe
    2015-09-06 13:43 - 2015-09-06 13:43 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
    2015-09-06 13:43 - 2015-09-06 13:43 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
    2015-09-06 13:19 - 2015-09-06 13:19 - 00000000 ____D C:\Program Files\Reference Assemblies
    2015-09-06 13:19 - 2015-09-06 13:19 - 00000000 ____D C:\Program Files\MSBuild
    2015-09-06 13:19 - 2015-09-06 13:19 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
    2015-09-06 13:19 - 2015-09-06 13:19 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2015-09-06 13:18 - 2015-09-06 13:18 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2015-09-06 13:18 - 2015-09-06 13:18 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2015-09-06 13:18 - 2015-09-06 13:18 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-09-06 13:18 - 2015-09-06 13:18 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-09-06 13:18 - 2015-09-06 13:18 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2015-09-06 13:18 - 2015-09-06 13:18 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2015-09-06 13:08 - 2015-09-06 13:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-09-06 12:57 - 2015-09-06 12:58 - 00700584 _____ C:\Users\Sean\Downloads\Adware_Removal_Tool_by_TSA.exe
    2015-09-06 12:47 - 2015-09-06 12:47 - 00006863 _____ C:\Users\Sean\Desktop\zoek results 2015.09.06.txt
    2015-09-06 12:00 - 2015-09-06 10:44 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
    2015-09-06 10:46 - 2015-03-16 11:48 - 00007128 _____ C:\zoek-results2015-03-16-164851.log
    2015-09-06 10:43 - 2015-09-06 10:44 - 01308672 _____ C:\Users\Sean\Downloads\zoek.exe
    2015-09-06 10:38 - 2015-09-06 10:38 - 00095364 _____ C:\Users\Sean\Downloads\FRST Scan 2015.09.06.txt
    2015-09-06 10:36 - 2015-09-06 10:37 - 00074049 _____ C:\Users\Sean\Downloads\Addition.txt
    2015-09-06 10:35 - 2015-09-06 10:37 - 00095364 _____ C:\Users\Sean\Downloads\FRST.txt
    2015-09-06 10:34 - 2015-09-06 10:34 - 00000000 ____D C:\Users\Sean\Downloads\FRST-OlderVersion
    2015-09-06 10:27 - 2015-09-06 10:34 - 02190336 _____ (Farbar) C:\Users\Sean\Downloads\FRST64.exe
    2015-09-06 10:23 - 2015-09-06 10:24 - 00278831 _____ C:\Users\Sean\Downloads\wireless(1).exe
    2015-09-06 10:21 - 2015-09-06 10:21 - 00031833 _____ C:\Users\Sean\Downloads\MTB.txt
    2015-09-06 10:18 - 2015-09-06 10:19 - 00891392 _____ (Farbar) C:\Users\Sean\Downloads\MiniToolBox.exe
    2015-09-06 09:07 - 2015-09-06 09:15 - 01654272 _____ C:\Users\Sean\Downloads\adwcleaner_5.005.exe
    2015-09-05 15:27 - 2015-09-05 15:27 - 00000000 ____D C:\SUPERDelete
    2015-09-05 15:24 - 2015-09-05 15:26 - 25543261 _____ C:\Users\Sean\Downloads\cce_2_5_242177_201_x64_zip (1)
    2015-09-05 15:23 - 2015-09-05 15:23 - 00000000 _____ C:\Users\Sean\Downloads\cce_2_5_242177_201_x64_zip.5m27mey.partial
    2015-09-05 15:18 - 2015-09-05 15:18 - 02494944 _____ (Trend Micro Inc.) C:\Users\Sean\Downloads\HousecallLauncher64_exe
    2015-09-05 15:17 - 2015-09-05 15:17 - 02494944 _____ (Trend Micro Inc.) C:\Users\Sean\Downloads\HousecallLauncher64(2).exe
    2015-09-05 15:16 - 2015-09-05 15:16 - 02494944 _____ (Trend Micro Inc.) C:\Users\Sean\Downloads\HousecallLauncher64(1).exe
    2015-09-05 08:53 - 2015-09-05 08:53 - 00448512 _____ (OldTimer Tools) C:\Users\Sean\Downloads\TFC (2).exe
    2015-09-05 08:47 - 2015-09-05 08:47 - 00095230 _____ C:\Users\Sean\Desktop\Registry Backup 2015.09.05 - cc_20150905_084635.reg
    2015-09-05 08:42 - 2015-09-05 08:42 - 06667640 _____ (Piriform Ltd) C:\Users\Sean\Downloads\ccsetup509.exe
    2015-09-05 08:24 - 2015-09-05 08:24 - 00000000 ____D C:\Users\Sean\AppData\Roaming\Sun
    2015-09-05 08:24 - 2015-09-05 08:24 - 00000000 ____D C:\Users\Sean\.oracle_jre_usage
    2015-09-05 08:23 - 2015-09-05 08:23 - 00584288 _____ (Oracle Corporation) C:\Users\Sean\Downloads\jxpiinstall(1).exe
    2015-09-05 08:15 - 2015-09-05 08:15 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2015-09-05 08:15 - 2015-09-05 08:15 - 00002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2015-09-05 08:14 - 2015-09-05 08:14 - 00000000 ____D C:\Program Files (x86)\Adobe
    2015-09-05 08:01 - 2015-09-05 08:01 - 04944608 _____ (Advanced Micro Devices, Inc.) C:\Users\Sean\Downloads\autodetectutility.exe
    2015-09-05 07:46 - 2015-09-05 07:46 - 00001081 _____ C:\Users\Sean\Documents\BigPicture - Shortcut.lnk
    2015-09-04 16:14 - 2015-09-04 16:14 - 02446176 _____ (Acro Software Inc. ) C:\Users\Sean\Downloads\CuteWriter (1).exe
    2015-09-04 07:54 - 2015-09-04 07:55 - 04116296 _____ (Google) C:\Users\Sean\Downloads\chrome_cleanup_tool (1).exe
    2015-09-04 07:53 - 2015-09-10 14:23 - 00001170 _____ C:\Users\Sean\Downloads\debug.log
    2015-09-02 19:32 - 2015-09-02 19:32 - 00358253 _____ C:\Users\Sean\Desktop\Understanding Blood Pressure Readings.html
    2015-09-02 19:32 - 2015-09-02 19:32 - 00000000 ____D C:\Users\Sean\Desktop\Understanding Blood Pressure Readings_files
    2015-09-02 13:34 - 2015-09-02 13:34 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2015-09-02 09:45 - 2015-09-02 09:45 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2015-09-02 09:45 - 2015-09-02 09:45 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2015-09-02 09:45 - 2015-09-02 09:45 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2015-09-02 09:45 - 2015-09-02 09:45 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2015-09-02 09:45 - 2015-09-02 09:45 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
    2015-09-02 09:45 - 2015-08-17 23:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
    2015-09-02 09:35 - 2015-09-02 09:35 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2015-09-02 09:35 - 2015-09-02 09:35 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00752640 _____ (Microsoft Corporation)
     
  20. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    C:\WINDOWS\SysWOW64\msctfuimanager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2015-09-02 09:34 - 2015-09-02 09:34 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2015-09-02 09:34 - 2015-09-02 09:34 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
    2015-09-02 09:34 - 2015-09-02 09:34 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
    2015-09-01 13:20 - 2015-09-05 08:44 - 00000000 ___DC C:\WINDOWS\Panther
    2015-09-01 13:17 - 2015-09-01 13:17 - 00000000 ____D C:\Windows.old
    2015-09-01 13:16 - 2015-09-01 13:16 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2015-09-01 13:16 - 2015-09-01 13:16 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2015-09-01 13:16 - 2015-09-01 13:16 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2015-09-01 13:16 - 2015-09-01 13:16 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
    2015-09-01 13:16 - 2015-09-01 13:16 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
    2015-09-01 13:16 - 2015-09-01 13:16 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
    2015-09-01 13:16 - 2015-09-01 13:16 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
    2015-09-01 13:13 - 2015-09-01 13:13 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
    2015-09-01 11:09 - 2015-09-01 11:09 - 00000000 ____D C:\Users\Sean\AppData\Local\MicrosoftEdge
    2015-09-01 11:05 - 2015-09-01 11:05 - 00000000 ____D C:\Users\Sean\AppData\Local\Publishers
    2015-09-01 10:59 - 2015-09-01 10:59 - 42730128 _____ C:\WINDOWS\system32\nvcompiler.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 37748880 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 30518928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 22972560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 18514616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 16159608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 16009800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 15892904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 14510584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 13274560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 12972336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 11842680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 11139216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
    2015-09-01 10:59 - 2015-09-01 10:59 - 03344672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 02955832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 02360976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 02163856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435354.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435354.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 01165192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 01061192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 01052488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00991336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00983368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00976528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00602264 _____ C:\WINDOWS\system32\nvmcumd.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00384464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00374416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00340624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00314936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
    2015-09-01 10:59 - 2015-09-01 10:59 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
    2015-09-01 10:54 - 2015-08-04 19:32 - 00007884 _____ C:\WINDOWS\system32\Drivers\cmdguard.cat
    2015-09-01 10:54 - 2015-08-04 19:32 - 00007471 _____ C:\WINDOWS\system32\Drivers\inspect.cat
    2015-09-01 10:54 - 2015-08-04 19:32 - 00007467 _____ C:\WINDOWS\system32\Drivers\cmdhlp.cat
    2015-09-01 10:53 - 2015-09-01 10:53 - 00002373 _____ C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2015-09-01 10:53 - 2015-09-01 10:53 - 00000000 ___RD C:\Users\Sean\OneDrive
    2015-09-01 10:52 - 2015-09-01 10:52 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2015-09-01 10:50 - 2015-09-01 10:52 - 00000000 ____D C:\Users\Sean\AppData\Local\Comms
    2015-09-01 10:49 - 2015-09-01 10:49 - 00000020 ___SH C:\Users\Sean\ntuser.ini
    2015-09-01 10:49 - 2015-09-01 10:49 - 00000000 ____D C:\Users\Sean\AppData\Local\TileDataLayer
    2015-09-01 10:45 - 2015-09-01 10:45 - 00000000 __SHD C:\Recovery
    2015-09-01 10:43 - 2015-09-01 10:43 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
    2015-09-01 10:42 - 2015-09-11 15:01 - 00877900 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-09-01 10:37 - 2015-07-10 05:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2015-09-01 10:33 - 2015-09-01 10:33 - 00001576 _____
     
  21. SeanInTulsa


    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2015-09-01 10:29 - 2015-09-01 10:29 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2015-09-01 10:28 - 2015-09-12 07:46 - 00000000 ____D C:\Users\Sean
    2015-09-01 10:28 - 2015-09-01 10:49 - 00000000 ___RD C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-01 10:28 - 2015-07-10 06:04 - 00000000 __RSD C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
    2015-09-01 10:28 - 2015-07-10 06:04 - 00000000 ___RD C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-09-01 10:28 - 2015-07-10 06:04 - 00000000 ___RD C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-09-01 10:28 - 2015-07-10 06:04 - 00000000 ____D C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-09-01 10:23 - 2015-09-01 11:00 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2015-09-01 10:23 - 2015-09-01 10:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2015-09-01 10:23 - 2015-09-01 10:29 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2015-09-01 10:23 - 2015-09-01 10:23 - 00000000 ____H C:\ProgramData\DP45977C.lfl
    2015-09-01 10:23 - 2015-09-01 10:23 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2015-09-01 10:23 - 2015-09-01 10:23 - 00000000 ____D C:\WINDOWS\system32\DAX2
    2015-09-01 10:23 - 2015-09-01 10:23 - 00000000 ____D C:\Program Files\Realtek
    2015-09-01 10:22 - 2015-09-01 10:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2015-09-01 10:21 - 2015-09-01 10:22 - 00020981 _____ C:\WINDOWS\system32\NetSetupMig.log
    2015-09-01 10:02 - 2015-09-01 10:45 - 00009528 _____ C:\WINDOWS\diagwrn.xml
    2015-09-01 10:02 - 2015-09-01 10:45 - 00009528 _____ C:\WINDOWS\diagerr.xml
    2015-08-29 07:52 - 2015-09-01 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
    2015-08-29 07:52 - 2015-08-29 07:52 - 00000000 ____D C:\Program Files (x86)\GPLGS
    2015-08-29 07:52 - 2015-08-29 07:52 - 00000000 ____D C:\Program Files (x86)\Acro Software
    2015-08-29 07:52 - 2013-10-23 15:24 - 00087600 _____ C:\WINDOWS\system32\cpwmon64.dll
    2015-08-29 07:51 - 2015-08-29 07:51 - 02446176 _____ (Acro Software Inc. ) C:\Users\Sean\Downloads\CuteWriter.exe
    2015-08-19 05:42 - 2015-08-19 05:42 - 02810448 _____ (Coupons.com Incorporated) C:\Users\Sean\Downloads\CouponPrinter.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-12 16:47 - 2015-03-16 10:07 - 00019544 _____ C:\Users\Sean\Desktop\FRST.txt
    2015-09-12 16:47 - 2015-03-16 10:06 - 00000000 ____D C:\FRST
    2015-09-12 16:42 - 2015-03-17 11:29 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
    2015-09-12 15:58 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\sru
    2015-09-12 12:50 - 2015-06-16 23:04 - 00000000 ____D C:\Users\Sean\Desktop\Reciprosity
    2015-09-12 09:52 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-09-12 09:52 - 2015-07-10 04:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
    2015-09-12 07:46 - 2014-05-28 19:07 - 00000000 ____D C:\AdwCleaner
    2015-09-12 07:09 - 2014-04-22 19:24 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-09-12 06:53 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
    2015-09-11 20:20 - 2015-03-16 10:12 - 00073690 _____ C:\Users\Sean\Desktop\Addition.txt
    2015-09-11 19:57 - 2015-03-16 10:06 - 02190848 _____ (Farbar) C:\Users\Sean\Desktop\FRST64.exe
    2015-09-11 19:34 - 2014-05-23 00:11 - 06085120 _____ C:\Users\Sean\Documents\BigPicture.xls
    2015-09-11 18:13 - 2015-04-20 14:15 - 00010364 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
    2015-09-11 12:24 - 2013-11-19 02:47 - 00000000 ____D C:\Users\Sean\Desktop\Maintenance
    2015-09-11 08:12 - 2014-04-21 13:53 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-09-11 08:07 - 2014-04-21 13:53 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-09-11 07:07 - 2015-02-25 04:18 - 00000870 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001Core.job
    2015-09-09 01:37 - 2015-08-12 03:22 - 00000000 ____D C:\ProgramData\iolo
    2015-09-09 01:37 - 2014-08-17 15:37 - 00000000 ____D C:\Program Files (x86)\Java
    2015-09-09 01:36 - 2014-08-17 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-09-09 01:29 - 2015-07-10 07:20 - 00227856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2015-09-09 01:27 - 2015-07-10 08:14 - 00000000 ____D C:\Program Files\Windows Journal
    2015-09-09 01:27 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-09-08 16:12 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-09-08 15:41 - 2014-05-22 11:26 - 00000000 ____D C:\Program Files (x86)\Google
    2015-09-08 13:50 - 2014-06-27 05:13 - 00000000 ____D C:\Users\Sean\AppData\Local\Adobe
    2015-09-08 10:08 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\rescache
    2015-09-06 13:26 - 2014-05-31 12:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-09-06 13:07 - 2015-03-17 14:02 - 00000000 ____D C:\Users\Sean\Desktop\Old Firefox Data
    2015-09-06 12:45 - 2015-03-16 10:44 - 00006863 _____ C:\zoek-results.log
    2015-09-06 11:41 - 2015-03-16 10:42 - 00000000 ____D C:\zoek_backup
    2015-09-06 10:25 - 2014-02-14 02:40 - 00026538 _____ C:\Users\Sean\Downloads\reg.txt
    2015-09-05 15:25 - 2015-03-16 14:58 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2015-09-05 09:44 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Cursors
    2015-09-05 08:43 - 2014-11-29 18:27 - 00000000 ____D C:\Program Files\CCleaner
    2015-09-05 08:24 - 2014-08-17 15:37 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2015-09-05 08:24 - 2014-04-21 18:19 - 00000000 ____D C:\ProgramData\Oracle
    2015-09-05 08:15 - 2015-05-18 07:04 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2015-09-05 08:14 - 2014-04-21 18:17 - 00000000 ____D C:\ProgramData\Adobe
    2015-09-04 15:51 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2015-09-04 07:53 - 2014-05-22 11:26 - 00000000 ____D C:\Users\Sean\AppData\Local\Google
    2015-09-04 03:31 - 2015-07-10 06:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-04 03:31 - 2015-07-10 06:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-04 03:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2015-09-04 03:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\oobe
    2015-09-04 03:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Provisioning
    2015-09-03 06:52 - 2015-01-30 12:27 - 00579408 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
    2015-09-03 06:52 - 2015-01-30 12:27 - 00445472 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
    2015-09-02 09:35 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\restore
    2015-09-02 09:31 - 2015-07-10 06:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-09-02 09:31 - 2015-07-10 06:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-09-02 03:49 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\appcompat
    2015-09-01 13:19 - 2015-07-10 06:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2015-09-01 13:17 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
    2015-09-01 13:17 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2015-09-01 13:17 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
    2015-09-01 13:17 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\system32\Dism
    2015-09-01 13:12 - 2015-07-10 06:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-01 13:12 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\setup
    2015-09-01 13:12 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
    2015-09-01 11:14 - 2014-04-21 13:28 - 00000000 ____D C:\Users\Sean\AppData\Local\Packages
    2015-09-01 11:01 - 2014-04-21 13:36 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-09-01 11:00 - 2014-04-21 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2015-09-01 10:59 - 2015-07-23 04:02 - 00031976 _____ C:\WINDOWS\system32\nvinfo.pb
    2015-09-01 10:54 - 2015-08-07 19:59 - 00127232 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
    2015-09-01 10:50 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
    2015-09-01 10:50 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
    2015-09-01 10:50 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\MiracastView
    2015-09-01 10:50 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2015-09-01 10:44 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Registration
    2015-09-01 10:43 - 2015-03-17 19:06 - 00003690 _____ C:\WINDOWS\System32\Tasks\Maxthon Update
    2015-09-01 10:43 - 2015-02-25 04:18 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001UA
    2015-09-01 10:43 - 2015-02-25 04:18 - 00003596 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001Core
    2015-09-01 10:43 - 2014-11-29 18:27 - 00002880 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
    2015-09-01 10:43 - 2014-05-24 08:41 - 00003270 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
    2015-09-01 10:43 - 2014-05-24 08:41 - 00003244 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
    2015-09-01 10:43 - 2014-05-24 08:41 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
    2015-09-01 10:43 - 2014-05-24 08:41 - 00003214 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
    2015-09-01 10:43 - 2014-05-24 08:41 - 00003212 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
    2015-09-01 10:43 - 2014-04-22 19:28 - 00003138 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
    2015-09-01 10:43 - 2014-04-21 13:34 - 00003708 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3241552452-1043148222-4198266174-1001
    2015-09-01 10:41 - 2015-07-10 06:04 - 00000000 __RHD C:\Users\Public\Libraries
    2015-09-01 10:34 - 2015-08-12 04:20 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
    2015-09-01 10:34 - 2015-07-10 04:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
    2015-09-01 10:34 - 2015-05-13 02:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BovadaPoker
    2015-09-01 10:34 - 2015-03-17 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
    2015-09-01 10:34 - 2015-03-16 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2015-09-01 10:34 - 2015-03-09 12:05 - 00000000 ____D C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-09-01 10:34 - 2014-12-15 04:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Favorite-Games
    2015-09-01 10:34 - 2014-11-29 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-09-01 10:34 - 2014-09-04 01:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-09-01 10:34 - 2014-07-06 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
    2015-09-01 10:34 - 2014-05-24 08:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
    2015-09-01 10:34 - 2014-05-15 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KODAK
    2015-09-01 10:34 - 2014-05-15 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\palmOne
    2015-09-01 10:34 - 2014-04-22 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-09-01 10:34 - 2014-04-21 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    2015-09-01 10:33 - 2013-08-22 08:36 - 00000000 ____D C:\Users\Default.migrated
    2015-09-01 10:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\spool
    2015-09-01 10:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
    2015-09-01 10:31 - 2014-04-21 18:16 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
    2015-09-01 10:31 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
    2015-09-01 10:31 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
    2015-09-01 10:30 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\InputMethod
    2015-09-01 10:30 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Help
    2015-09-01 10:30 - 2015-03-17 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
    2015-09-01 10:30 - 2014-04-21 17:45 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
    2015-09-01 10:30 - 2014-04-21 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
    2015-09-01 10:30 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\MediaViewer
    2015-09-01 10:30 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\ADFS
    2015-09-01 10:29 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
    2015-09-01 10:29 - 2015-07-10 06:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2015-09-01 10:28 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
    2015-09-01 10:21 - 2015-07-10 04:05 - 00000000 __RHD C:\Users\Default
    2015-09-01 10:02 - 2015-07-10 08:39 - 00000000 ___HD C:\$Windows.~BT
    2015-09-01 04:11 - 2015-06-22 01:53 - 00000440 _____ C:\Users\Sean\Documents\spider.sav
    2015-08-28 21:36 - 2015-02-25 04:18 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001UA.job
    2015-08-28 16:10 - 2014-05-01 19:57 - 00587776 ___SH C:\Users\Sean\Desktop\Thumbs.db
    2015-08-14 15:03 - 2014-09-04 01:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2015-08-14 15:03 - 2014-09-04 01:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

    ==================== Files in the root of some directories =======

    2014-11-29 22:00 - 2015-07-21 22:25 - 0000000 _____ () C:\Users\Sean\AppData\Local\ars.cache
    2014-11-29 22:00 - 2015-07-21 22:27 - 2504317 _____ () C:\Users\Sean\AppData\Local\census.cache
    2014-11-29 19:02 - 2014-11-29 19:02 - 0000036 _____ () C:\Users\Sean\AppData\Local\housecall.guid.cache
    2015-09-09 22:16 - 2015-09-09 22:16 - 0007596 _____ () C:\Users\Sean\AppData\Local\Resmon.ResmonCfg
    2014-11-29 19:06 - 2015-07-21 18:55 - 0000010 _____ () C:\Users\Sean\AppData\Local\sponge.last.runtime.cache
    2015-09-01 10:23 - 2015-09-01 10:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Some files in TEMP:
    ====================
    C:\Users\Sean\AppData\Local\Temp\dllnt_dump.dll
    C:\Users\Sean\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-09-11 11:53

    ==================== End of FRST.txt ============================
     
  22. SeanInTulsa

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
    Ran by Sean (2015-09-12 16:48:48)
    Running from C:\Users\Sean\Desktop
    Windows 10 Home (X64) (2015-09-01 15:49:47)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3241552452-1043148222-4198266174-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3241552452-1043148222-4198266174-503 - Limited - Disabled)
    Guest (S-1-5-21-3241552452-1043148222-4198266174-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3241552452-1043148222-4198266174-1003 - Limited - Enabled)
    Sean (S-1-5-21-3241552452-1043148222-4198266174-1001 - Administrator - Enabled) => C:\Users\Sean

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
    AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
    Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
    AMD Catalyst Install Manager (HKLM\...\{A731A859-7426-DEB6-80A3-E6A2508DC85A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
    Anki (HKLM-x32\...\Anki) (Version: - )
    AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
    Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
    BovadaPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
    COMODO Internet Security Premium (HKLM\...\{68BE8BAB-5375-4C99-9116-1808F5968D40}) (Version: 8.1.0.4426 - COMODO Security Solutions Inc.)
    CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
    Dropbox (HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    Favorite-Games 5.22 (HKLM-x32\...\Favorite-Games_is1) (Version: - Favorite-Games 2001-2013 ©)
    GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.60.0000 - GIGABYTE Technology Co.,Ltd.)
    GIGABYTE OC_GURU II (x32 Version: 1.60.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
    Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
    Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
    Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
    KODAK Share Button App (HKLM-x32\...\{F5930CDE-2FF5-4A8D-9DBD-3177C816D4A9}) (Version: 4.05.0000.0000 - Eastman Kodak Company)
    Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
    Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.4.3000 - Maxthon International Limited)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
    NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
    NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
    NVIDIA Miracast Virtual Audio 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.75 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
    palmOne (HKLM-x32\...\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}) (Version: 4.1.0420 - palmOne, Inc.)
    QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
    Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
    SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
    SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
    Samsung PC Studio 3 USB Driver Installer (HKLM-x32\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
    SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Temperature Monitor (HKLM-x32\...\{6642BF47-D82A-447B-90E7-658FA865AFD7}) (Version: - )
    Tseries BIOS Update (HKLM-x32\...\{E8626A59-FD0E-449C-A23A-C52FC0733629}) (Version: - )
    Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (HKLM\...\3D970B9F930E7AAE23C06D39A1AC98548C90B442) (Version: 01/29/2010 1.4.1.0 - Eastman Kodak)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Sean\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3241552452-1043148222-4198266174-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    02-09-2015 09:35:27 Windows Update
    02-09-2015 09:36:08 Windows Update
    06-09-2015 10:46:04 zoek.exe restore point
    08-09-2015 10:45:55 Windows Modules Installer
    12-09-2015 07:54:55 JRT Pre-Junkware Removal

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 08:25 - 2015-09-06 10:47 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1 localhost

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
    Task: {099C7F4C-2988-4A43-9948-C49DEC4D1C16} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-09-11] (Microsoft Corporation)
    Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
    Task: {156021EF-1826-4D3B-B4EB-B9927A8672E8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001UA => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-25] (Google Inc.)
    Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
    Task: {25084441-C4F9-4F2E-AC44-6535AE3D6F7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {26352CF2-E2B3-4CC6-B940-F7DF2B200AF9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {27E64EF6-8B29-486A-B1DD-70FB29DA38C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
    Task: {2F8B9962-108D-4E19-803B-6CA0836A125A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {34842A40-4042-4B51-8A01-F90FD36DF44A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
    Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
    Task: {45E57331-A70A-4DAD-826C-ABCD4D1BF104} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-05] (Piriform Ltd)
    Task: {4A6E10F0-9097-48F7-BB24-FF2D75D1B2B1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-15] (Adobe Systems Incorporated)
    Task: {51996DCF-7925-45CC-8AFF-0298CE92B196} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)
    Task: {63299786-983C-4780-906B-C247B541517C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {66FDE4FC-C057-41E4-8E50-FA3E1DD8E32C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001Core => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-25] (Google Inc.)
    Task: {6B185EE9-A320-4E73-94BF-524E8D6BE1DE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {6F8ACA14-CE61-4B5E-8D79-34D1379D23AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
    Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
    Task: {74077514-9C8F-4C0A-B5F0-76FAABD51E26} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {74E8EBF4-4F47-42F4-B87B-006CC5913BAD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)
    Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
    Task: {7B48077C-71A9-485F-8CB5-39896F65265B} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2015-07-15] (Maxthon International ltd.)
    Task: {88509F51-4B08-453F-B23B-ED80F2E96D43} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-09-01] (Microsoft Corporation)
    Task: {98B4436C-94CB-411C-B6A9-767DFA35091A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {9DDE1CB6-BB0F-4E52-B04D-72B1B14C6196} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-07] (COMODO)
    Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
    Task: {C326F8D3-D767-4764-AB2B-73224E5F7C55} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {C36ACC15-5360-400C-84BB-F61EB8350C09} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {C39C0657-6AE8-4BD4-A865-2D6A1998AE7A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-07] (COMODO)
    Task: {C3A47CA8-4E17-4F90-9DB8-ADEDDAFB73EB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
    Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
    Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
    Task: {D16D5D78-2A8C-4C22-A500-4C7A9E3C44A7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {D5B8423C-B5E6-40EC-98D8-2FF4D44361DE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {E30091F6-D19E-4357-A70E-5F1F05764068} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)
    Task: {E81ACDC6-0059-4355-AACD-48462B712D07} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {EDCAE232-0AC7-4834-9F7E-18466F00D7A5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {FCCDF9C9-B3D3-4D50-B280-FC94135184C4} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO)
    Task: {FE786032-4C51-4007-B99C-C9453955768B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001Core.job => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3241552452-1043148222-4198266174-1001UA.job => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2015-09-01 13:16 - 2015-09-01 13:16 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
    2014-04-21 13:35 - 2015-07-13 12:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-08-29 07:52 - 2013-10-23 15:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2015-09-02 09:45 - 2015-09-02 09:45 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2015-07-10 05:59 - 2015-07-10 05:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2015-07-10 05:59 - 2015-07-10 05:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2015-07-10 06:00 - 2015-07-10 08:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2015-09-02 09:34 - 2015-09-02 09:34 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2015-07-10 06:00 - 2015-07-10 08:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
    2013-04-15 17:39 - 2015-01-08 17:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
    2015-09-08 15:41 - 2015-08-27 20:56 - 01868104 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
    2015-09-08 15:41 - 2015-08-27 20:56 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
    2015-09-08 15:41 - 2015-08-27 20:56 - 28659016 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll
    2015-09-01 11:32 - 2015-09-01 11:32 - 00007168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    2015-09-01 11:32 - 2015-09-01 11:32 - 11606528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
    2015-07-10 08:17 - 2015-07-10 08:17 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

     
  23. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    AlternateDataStreams: C:\Users\Sean\Downloads\CuteWriter.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\CuteWriter.exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\esetsmartinstaller_enu (1).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\esetsmartinstaller_enu (1).exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\esetsmartinstaller_enu_exe.l7o9ats.partial:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\favorite-games_en.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\favorite-games_en.exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\FRST64.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\HousecallLauncher64 (1).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\HousecallLauncher64 (1).exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\HousecallLauncher64(1).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\HousecallLauncher64(1).exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\HousecallLauncher64(2).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\HousecallLauncher64(2).exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\HousecallLauncher64_exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\HousecallLauncher64_exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\jre-6u7-windows-i586-p (1).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\jre-6u7-windows-i586-p (1).exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\JRT.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\JRT.exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\jxpiinstall(1).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\jxpiinstall(1).exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\MiniToolBox.exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\mxsetup (1).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\mxsetup (1).exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\mxsetup.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\mxsetup.exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\QuickTimeInstaller (1).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\QuickTimeInstaller (1).exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\revosetup.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\revosetup.exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\revouninstaller.zip:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\RogueKiller.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\RogueKiller.exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\SAS_454917.COM:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\SAS_454917.COM:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\SecurityTaskManager_Setup_exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\SecurityTaskManager_Setup_exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\spsetup128.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\spsetup128.exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\spybot-2.4.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\spybot-2.4.exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\SUPERAntiSpyware (1).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\SUPERAntiSpyware (1).exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\TFC (2).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\TFC (2).exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\wireless(1).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\wireless(1).exe:$CmdZnID
    AlternateDataStreams: C:\Users\Sean\Downloads\zoek.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Sean\Downloads\zoek.exe:$CmdZnID

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 156.154.70.22 - 156.154.71.22
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\StartupFolder: => "HotSync Manager.lnk"
    HKLM\...\StartupApproved\Run: => "ShadowPlay"
    HKLM\...\StartupApproved\Run: => "NvBackend"
    HKLM\...\StartupApproved\Run32: => "Adobe ARM"
    HKLM\...\StartupApproved\Run32: => "HostManager"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4C759CBE76051A54F37D4E70F0F48AE0"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\Run: => "Google Update"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-3241552452-1043148222-4198266174-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{0CC7380D-42A3-4F6F-B72C-30C8B37AA67C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
    FirewallRules: [{B998D10F-858E-43D0-9A0E-49D866C5955D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
    FirewallRules: [{C884125D-4EEA-4065-9A75-467D11C30C2C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
    FirewallRules: [{76A3519A-AA3D-455E-881D-8832B99A5C84}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
    FirewallRules: [{DC082DA4-E88F-49F1-9F01-40D2E1703E43}] => (Allow) C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{88A2E9F7-B26F-4230-ADC8-0C9B7FBDD1A8}] => (Allow) C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{73D8BAFC-A5F4-41C5-BC2B-98AEC25A957A}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\aolbrowser.exe
    FirewallRules: [{12B31E19-2714-4490-B4BC-1DE1C981F4F6}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\aolbrowser.exe
    FirewallRules: [{011157BC-FFD8-42B6-8E36-5C9964790388}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{FF6452B7-7B13-4EF6-A229-9D9454619CC2}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{C8B59CA6-6CA8-4696-BB49-061CE1941A14}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{5EDFD783-730B-43AE-B711-EAB1B1F7F146}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{94AAA43C-0AA3-4C2F-AD13-39F32A024A5B}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{727DBB22-452D-4082-9A46-594FA52070EF}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{95D8A61F-14F5-41B8-9431-8D72EFC69D79}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
    FirewallRules: [{B3831639-C8F2-4ABA-B2D3-EE857E0D0214}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
    FirewallRules: [{6B4E3484-D769-458F-804B-3554C3AAEE88}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1404696771\ee\aolsoftware.exe
    FirewallRules: [{A96902C5-C881-46E2-9EDE-EA5E5D756EDF}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1404696771\ee\aolsoftware.exe
    FirewallRules: [{403E0155-108C-4382-8FA1-5E234640EFD6}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{1D1447AC-5C19-4F35-969B-1F4568909CDB}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{F080FEE9-4A27-4DCE-A35E-F96FCB031627}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{DB8B5D76-0E92-4A61-96A6-3C43F0AD8EA2}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{8EF41A7A-604D-4B95-A8BB-2A1009128AF4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
    FirewallRules: [{AD989AD0-0B84-4917-9E1E-DCD225F4DE63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{081BCE1B-8F0A-468E-B1B4-4F3842023CD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{25555285-34A3-473A-A08C-F585FD5079FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{BCDAEBCE-79AA-4071-8C5E-2955AD5B7CC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{292A2F33-82AC-46E6-A06F-ADA08C871023}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{763FC454-C9A9-4A14-A5B0-9F670C7407E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{EF8C6F70-58F0-4BB7-8BC4-DC4C61C3B4E0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{E20E4464-9338-478F-B101-8C0DBB92C973}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{0B27440D-CB6D-4B99-8939-41303972768F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/12/2015 09:51:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Owner-PC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (09/12/2015 06:52:36 AM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

    Error: (09/12/2015 06:52:36 AM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

    Error: (09/11/2015 12:35:34 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

    Error: (09/11/2015 12:35:31 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

    Error: (09/11/2015 12:35:26 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

    Error: (09/09/2015 09:34:37 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=45.0.2454.85;lang=;guid=015427DD278D406BAB85BDA0FFE31A65;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\b991f5c1-d34f-42ee-b324-c62aec4d882a.dmp

    Error: (09/09/2015 12:55:41 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

    Details:
    The content index catalog is corrupt. 0xc0041801 (0xc0041801)

    Error: (09/09/2015 12:55:39 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
    Description: The search service has detected corrupted data files in the index {id=4810 - base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayerpages.h (425)}. The service will attempt to automatically correct this problem by rebuilding the index.

    Details:
    The data is invalid. 0x8007000d (0x8007000d)

    Error: (09/09/2015 12:55:39 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
    Description: The search service has detected corrupted data files in the index {id=4810 - base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayerpages.h (425)}. The service will attempt to automatically correct this problem by rebuilding the index.

    The data is invalid. 0x8007000d (0x8007000d)


    System errors:
    =============
    Error: (09/12/2015 09:51:50 AM) (Source: DCOM) (EventID: 10010) (User: Owner-PC)
    Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

    Error: (09/12/2015 09:51:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (09/12/2015 08:00:32 AM) (Source: DCOM) (EventID: 10016) (User: Owner-PC)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Owner-PCSeanS-1-5-21-3241552452-1043148222-4198266174-1001LocalHost (Using LRPC)Microsoft.WindowsStore_2015.8.25.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

    Error: (09/12/2015 07:58:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The NVIDIA Streamer Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (09/12/2015 07:58:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The NVIDIA Network Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (09/12/2015 07:58:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The NVIDIA GeForce Experience Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (09/12/2015 07:58:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (09/12/2015 07:58:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

    Error: (09/12/2015 07:58:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (09/12/2015 07:46:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Search service failed to start due to the following error:
    %%1069


    Microsoft Office:
    =========================
    Error: (09/12/2015 09:51:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Owner-PC)
    Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

    Error: (09/12/2015 06:52:36 AM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu.exe

    Error: (09/12/2015 06:52:36 AM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu (1).exe

    Error: (09/11/2015 12:35:34 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu (1).exe

    Error: (09/11/2015 12:35:31 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu (1).exe

    Error: (09/11/2015 12:35:26 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestc:\users\sean\downloads\esetsmartinstaller_enu (1).exe

    Error: (09/09/2015 09:34:37 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
    Description: Chrome has encountered a fatal error.
    ver=45.0.2454.85;lang=;guid=015427DD278D406BAB85BDA0FFE31A65;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\b991f5c1-d34f-42ee-b324-c62aec4d882a.dmp

    Error: (09/09/2015 12:55:41 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: Details:
    The content index catalog is corrupt. 0xc0041801 (0xc0041801)
    The catalog is corrupt

    Error: (09/09/2015 12:55:39 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
    Description: Details:
    The data is invalid. 0x8007000d (0x8007000d)
    4810 - base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayerpages.h (425)

    Error: (09/09/2015 12:55:39 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
    Description: The data is invalid. 0x8007000d (0x8007000d)
    4810 - base\appmodel\search\search\ytrip\tripoli\inverted\decodinglayerpages.h (425)


    CodeIntegrity:
    ===================================
    Date: 2015-09-12 12:51:58.843
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-12 12:38:59.046
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-12 12:30:36.658
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-12 12:18:19.466
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-12 12:09:06.001
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-12 12:03:08.326
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-12 11:57:00.739
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-12 11:18:55.214
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-12 10:48:56.586
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-09-12 10:36:20.191
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: AMD FX(tm)-6300 Six-Core Processor
    Percentage of memory in use: 58%
    Total physical RAM: 8168.68 MB
    Available physical RAM: 3349.4 MB
    Total Virtual: 9448.68 MB
    Available Virtual: 3327.35 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:930.73 GB) (Free:803.97 GB) NTFS
    Drive d: () (Fixed) (Total:465.75 GB) (Free:465.55 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 632ADF5D)
    Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

    ========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 22EE22EE)
    Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  24. Broni

    Broni Malware Annihilator Posts: 52,898   +344

    Download the attached fixlist.txt file and save it to the Desktop.
    NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
     


  25. SeanInTulsa

    SeanInTulsa TS Member Topic Starter Posts: 37

    Fix result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
    Ran by Sean (2015-09-12 17:41:16) Run:1
    Running from C:\Users\Sean\Desktop
    Loaded Profiles: Sean (Available Profiles: Sean)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    CHR Extension: (kik) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkokbomkgbdkaojembbpmjlgeejgamgi [2015-04-22]
    C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkokbomkgbdkaojembbpmjlgeejgamgi
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
    2014-11-29 22:00 - 2015-07-21 22:25 - 0000000 _____ () C:\Users\Sean\AppData\Local\ars.cache
    2014-11-29 22:00 - 2015-07-21 22:27 - 2504317 _____ () C:\Users\Sean\AppData\Local\census.cache
    2014-11-29 19:02 - 2014-11-29 19:02 - 0000036 _____ () C:\Users\Sean\AppData\Local\housecall.guid.cache
    2015-09-09 22:16 - 2015-09-09 22:16 - 0007596 _____ () C:\Users\Sean\AppData\Local\Resmon.ResmonCfg
    2014-11-29 19:06 - 2015-07-21 18:55 - 0000010 _____ () C:\Users\Sean\AppData\Local\sponge.last.runtime.cache
    2015-09-01 10:23 - 2015-09-01 10:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    C:\Users\Sean\AppData\Local\Temp\dllnt_dump.dll
    C:\Users\Sean\AppData\Local\Temp\sqlite3.dll
    Task: {25084441-C4F9-4F2E-AC44-6535AE3D6F7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {2F8B9962-108D-4E19-803B-6CA0836A125A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {34842A40-4042-4B51-8A01-F90FD36DF44A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {63299786-983C-4780-906B-C247B541517C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {6B185EE9-A320-4E73-94BF-524E8D6BE1DE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {74077514-9C8F-4C0A-B5F0-76FAABD51E26} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {88509F51-4B08-453F-B23B-ED80F2E96D43} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {D16D5D78-2A8C-4C22-A500-4C7A9E3C44A7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {D5B8423C-B5E6-40EC-98D8-2FF4D44361DE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {E81ACDC6-0059-4355-AACD-48462B712D07} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {FE786032-4C51-4007-B99C-C9453955768B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

    *****************

    C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkokbomkgbdkaojembbpmjlgeejgamgi => moved successfully
    "C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkokbomkgbdkaojembbpmjlgeejgamgi" => File/Folder not found.
    wfpcapture => service removed successfully
    C:\Users\Sean\AppData\Local\ars.cache => moved successfully
    C:\Users\Sean\AppData\Local\census.cache => moved successfully
    C:\Users\Sean\AppData\Local\housecall.guid.cache => moved successfully
    C:\Users\Sean\AppData\Local\Resmon.ResmonCfg => moved successfully
    C:\Users\Sean\AppData\Local\sponge.last.runtime.cache => moved successfully
    C:\ProgramData\DP45977C.lfl => moved successfully
    C:\Users\Sean\AppData\Local\Temp\dllnt_dump.dll => moved successfully
    C:\Users\Sean\AppData\Local\Temp\sqlite3.dll => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25084441-C4F9-4F2E-AC44-6535AE3D6F7A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25084441-C4F9-4F2E-AC44-6535AE3D6F7A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2F8B9962-108D-4E19-803B-6CA0836A125A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F8B9962-108D-4E19-803B-6CA0836A125A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34842A40-4042-4B51-8A01-F90FD36DF44A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34842A40-4042-4B51-8A01-F90FD36DF44A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63299786-983C-4780-906B-C247B541517C}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63299786-983C-4780-906B-C247B541517C}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B185EE9-A320-4E73-94BF-524E8D6BE1DE}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B185EE9-A320-4E73-94BF-524E8D6BE1DE}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74077514-9C8F-4C0A-B5F0-76FAABD51E26}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74077514-9C8F-4C0A-B5F0-76FAABD51E26}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88509F51-4B08-453F-B23B-ED80F2E96D43}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88509F51-4B08-453F-B23B-ED80F2E96D43}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D16D5D78-2A8C-4C22-A500-4C7A9E3C44A7}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D16D5D78-2A8C-4C22-A500-4C7A9E3C44A7}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5B8423C-B5E6-40EC-98D8-2FF4D44361DE}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5B8423C-B5E6-40EC-98D8-2FF4D44361DE}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E81ACDC6-0059-4355-AACD-48462B712D07}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E81ACDC6-0059-4355-AACD-48462B712D07}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE786032-4C51-4007-B99C-C9453955768B}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE786032-4C51-4007-B99C-C9453955768B}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
    "C:\WINDOWS\explorer.exe" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\notepad.exe" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\zoek-delete.exe" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\acmigration.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\ActionCenter.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\aitstatic.exe" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\AppXDeploymentClient.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\AppXDeploymentExtensions.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\AppXDeploymentServer.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\AppxSysprep.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\atmfd.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\atmlib.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\AudioEndpointBuilder.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\AudioEng.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\AudioSes.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\authui.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\BthRadioMedia.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\Chakra.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\ci.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\cloudAP.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\configmanager2.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\coredpus.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\CoreUIComponents.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\CredProvDataModel.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\d3d9.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\dafWCN.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\dfp.exe" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\DfpCommon.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\diagtrack.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\diagtrack_win.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\diagtrack_wininternal.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\directmanipulation.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\dwmcore.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\DWrite.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\dxgi.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\edgehtml.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\enterprisecsps.dll" => ":$CmdTcID" ADS not found.
    "C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll" => ":$CmdTcID" ADS not found.
     
